{"id":38651,"date":"2020-09-22T03:50:17","date_gmt":"2020-09-21T18:50:17","guid":{"rendered":"https:\/\/jirak.net\/wp\/usn-4522-1-novnc-vulnerability\/"},"modified":"2020-09-22T04:34:07","modified_gmt":"2020-09-21T19:34:07","slug":"usn-4522-1-novnc-vulnerability","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/usn-4522-1-novnc-vulnerability\/","title":{"rendered":"USN-4522-1: noVNC vulnerability"},"content":{"rendered":"<p>USN-4522-1: noVNC vulnerability<\/p>\n<p>It was discovered that noVNC did not properly manage certain messages,<br \/>\nresulting in the remote VNC server injecting arbitrary HTML into the<br \/>\nnoVNC web page. An attacker could use this issue to conduct cross-site<br \/>\nscripting (XSS) attacks. (CVE-2017-18635)<br \/>\nSource: <a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-4522-1\" target=\"_blank\" rel=\"noopener noreferrer\">USN-4522-1: noVNC vulnerability<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>USN-4522-1: noVNC vulnerability It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting (XSS) attacks. (CVE-2017-18635) Source: USN-4522-1: noVNC vulnerability<\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-38651","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/38651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=38651"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/38651\/revisions"}],"predecessor-version":[{"id":38652,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/38651\/revisions\/38652"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=38651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=38651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=38651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}