CVE-2022-29182 (GCVE-0-2022-29182)
Vulnerability from cvelistv5
Published
2022-05-20 19:05
Modified
2025-04-23 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run's Stage Details > Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user's browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph's iframe. This could allow an attacker to steal a GoCD user's session cookies and/or execute malicious code in the user's context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:17:54.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gocd/gocd/releases/tag/22.1.0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.gocd.org/releases/#22-1-0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:07:08.766059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:24:22.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gocd",
"vendor": "gocd",
"versions": [
{
"status": "affected",
"version": "\u003e= 19.11.0, \u003c 22.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run\u0027s Stage Details \u003e Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user\u0027s browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph\u0027s iframe. This could allow an attacker to steal a GoCD user\u0027s session cookies and/or execute malicious code in the user\u0027s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T19:05:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gocd/gocd/releases/tag/22.1.0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.gocd.org/releases/#22-1-0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477"
}
],
"source": {
"advisory": "GHSA-qcg6-4q44-3589",
"discovery": "UNKNOWN"
},
"title": "DOM-based XSS in GoCD",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-29182",
"STATE": "PUBLIC",
"TITLE": "DOM-based XSS in GoCD"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gocd",
"version": {
"version_data": [
{
"version_value": "\u003e= 19.11.0, \u003c 22.1.0"
}
]
}
}
]
},
"vendor_name": "gocd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run\u0027s Stage Details \u003e Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user\u0027s browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph\u0027s iframe. This could allow an attacker to steal a GoCD user\u0027s session cookies and/or execute malicious code in the user\u0027s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/gocd/gocd/releases/tag/22.1.0",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/releases/tag/22.1.0"
},
{
"name": "https://www.gocd.org/releases/#22-1-0",
"refsource": "MISC",
"url": "https://www.gocd.org/releases/#22-1-0"
},
{
"name": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589",
"refsource": "CONFIRM",
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589"
},
{
"name": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477"
}
]
},
"source": {
"advisory": "GHSA-qcg6-4q44-3589",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-29182",
"datePublished": "2022-05-20T19:05:12.000Z",
"dateReserved": "2022-04-13T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:24:22.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-29182\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-05-20T19:15:08.267\",\"lastModified\":\"2024-11-21T06:58:39.500\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run\u0027s Stage Details \u003e Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user\u0027s browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph\u0027s iframe. This could allow an attacker to steal a GoCD user\u0027s session cookies and/or execute malicious code in the user\u0027s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.\"},{\"lang\":\"es\",\"value\":\"GoCD es un servidor de entrega continua. GoCD versiones 19.11.0 a 21.4.0 (inclusive), son vulnerables a un ataque de tipo cross-site scripting attack basado en el Modelo de Objetos de Documentos (DOM) por medio de la pesta\u00f1a Stage Details ) Graphs de una ejecuci\u00f3n de canalizaci\u00f3n. Es posible que un script malicioso en un sitio alojado por el atacante ejecute un script que ser\u00e1 ejecutado dentro del contexto del navegador del usuario y de la sesi\u00f3n GoCD por medio de un abuso de un canal de mensajer\u00eda usado para la comunicaci\u00f3n entre la p\u00e1gina principal y el iframe del gr\u00e1fico de detalles de la etapa. Esto podr\u00eda permitir a un atacante robar las cookies de sesi\u00f3n de un usuario de GoCD y/o ejecutar c\u00f3digo malicioso en el contexto del usuario. Este problema ha sido corregido en GoCD versi\u00f3n 22.1.0. Actualmente no se conocen mitigaciones\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.11.0\",\"versionEndIncluding\":\"21.4.0\",\"matchCriteriaId\":\"A51919B4-989A-4FED-A34F-DB8C1885564D\"}]}]}],\"references\":[{\"url\":\"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gocd/gocd/releases/tag/22.1.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.gocd.org/releases/#22-1-0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gocd/gocd/releases/tag/22.1.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.gocd.org/releases/#22-1-0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/gocd/gocd/releases/tag/22.1.0\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.gocd.org/releases/#22-1-0\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:17:54.073Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-29182\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T14:07:08.766059Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T14:07:10.276Z\"}}], \"cna\": {\"title\": \"DOM-based XSS in GoCD\", \"source\": {\"advisory\": \"GHSA-qcg6-4q44-3589\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"gocd\", \"product\": \"gocd\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 19.11.0, \u003c 22.1.0\"}]}], \"references\": [{\"url\": \"https://github.com/gocd/gocd/releases/tag/22.1.0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.gocd.org/releases/#22-1-0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run\u0027s Stage Details \u003e Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user\u0027s browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph\u0027s iframe. This could allow an attacker to steal a GoCD user\u0027s session cookies and/or execute malicious code in the user\u0027s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-05-20T19:05:12.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"advisory\": \"GHSA-qcg6-4q44-3589\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003e= 19.11.0, \u003c 22.1.0\"}]}, \"product_name\": \"gocd\"}]}, \"vendor_name\": \"gocd\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/gocd/gocd/releases/tag/22.1.0\", \"name\": \"https://github.com/gocd/gocd/releases/tag/22.1.0\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.gocd.org/releases/#22-1-0\", \"name\": \"https://www.gocd.org/releases/#22-1-0\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\", \"name\": \"https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\", \"name\": \"https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run\u0027s Stage Details \u003e Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user\u0027s browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph\u0027s iframe. This could allow an attacker to steal a GoCD user\u0027s session cookies and/or execute malicious code in the user\u0027s context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-29182\", \"STATE\": \"PUBLIC\", \"TITLE\": \"DOM-based XSS in GoCD\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-29182\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T18:24:22.250Z\", \"dateReserved\": \"2022-04-13T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-05-20T19:05:12.000Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…