Vulnerability & Exploit Database

Back to search

Alpine Linux: CVE-2017-15092: pdns-recursor Multiple vulnerabilities

Severity CVSS Published Added Modified
4 (AV:N/AC:M/Au:N/C:N/I:P/A:N) December 07, 2017 December 18, 2017 February 14, 2018

Description

A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

alpine-linux-upgrade-pdns-recursor

Related Vulnerabilities