Headline
CVE-2019-3876: Invalid Bug ID
A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.
‘CVE-2019-3876?cve=title’ is not a valid bug number nor an alias to a bug.
Please press Back and try again.