CVE-2021-3654

Medium

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any…

redhat·CWE-601·Published 2022-03-02

CVSS

6.1

EPSS

0.27

KEV

Exploits

cve.orgen

148 chars

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

NVDen

148 chars

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

OSV.deven

173 chars

A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

GHSAen

173 chars

A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.

NVDes

176 chars

Se ha encontrado una vulnerabilidad en el proxy de consola de openstack-nova, noVNC. Mediante el diseño de una URL maliciosa, noVNC puede ser redirigido a cualquier URL deseada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	4.9	4.9	AV:N/AC:H/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N