Description
Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.
Remediation
References
https://www.linkedin.com/pulse/xss-nasas-open-mct-v302-visionspace-technologies-ubg4f
Related Vulnerabilities
CVE-2010-4172 Vulnerability in maven package org.apache.tomcat:catalina
CVE-2022-36046 Vulnerability in npm package next
CVE-2020-5245 Vulnerability in maven package io.dropwizard:dropwizard-validation
CVE-2022-45693 Vulnerability in maven package org.codehaus.jettison:jettison
CVE-2022-0436 Vulnerability in maven package org.webjars.npm:grunt