CVE-2018-1000163

Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. This attack appears to be exploitable via the victim browsing the web console.
References
Link Resource
https://xiaofen9.github.io/blog/floodlight-rce/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:projectfloodlight:floodlight:*:*:*:*:*:*:*:*

Information

Published : 2018-04-18 07:29

Updated : 2018-05-21 04:14


NVD link : CVE-2018-1000163

Mitre link : CVE-2018-1000163

Products Affected
No products.
CWE