Ubuntu Security Update USN-4522-1: noVNC vulnerability

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,787
Reaction score
94
Credits
-1,257
It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting (XSS) attacks. (CVE-2017-18635)

Continue reading...
 


Follow Linux.org

Members online


Top