Vulnerabilities > Openstack > Puppet Gerrit > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-12 CVE-2016-5737 Cross-site Scripting vulnerability in Openstack Puppet-Gerrit
The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review.
network
low complexity
openstack CWE-79
6.1