This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Novnc First view 2019-09-25
Product Novnc Last view 2019-09-25
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:novnc:novnc

Activity : Overall

Related : CVE

  Date Alert Description
6.1 2019-09-25 CVE-2017-18635

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

CWE : Common Weakness Enumeration

100% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')