This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Novnc First view 2019-09-25
Product Novnc Last view 2019-09-25
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:novnc:novnc

Activity : Overall

Related : CVE

  Date Alert Description
6.1 2019-09-25 CVE-2017-18635

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')