CVE-2020-25864 log

Severity Medium
Remote Yes
Type Cross-site scripting
A vulnerability was identified in Consul and Consul Enterprise ("Consul") up to version 1.9.4 where a specially crafted KV entry could be used to perform a cross-site scripting (XSS) attack when viewed in the raw mode. The issue is fixed in versions 1.9.5, 1.8.10 and 1.7.14.
Group Package Affected Fixed Severity Status Ticket
AVG-1829 consul 1.9.4-1 1.9.5-1 Medium Fixed