{}

{}

{}

{"bugzilla": {"description": "migration-planner: credentialUrl Validator Accepts javascript: URLs", "id": "2487073", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487073"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", "status": "draft"}, "cwe": "CWE-79", "details": ["A flaw was found in migration-planner. Insufficient validation of the `AgentStatusUpdate.CredentialUrl` field allows an authenticated attacker to store a malicious `javascript:` URL. When a victim views this URL in the Hybrid Cloud Console, it can lead to Cross-Site Scripting (XSS), enabling script execution in the victim's session and potentially disclosing sensitive information."], "name": "CVE-2026-53472", "public_date": "2026-06-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53472\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53472"], "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "product": "migration-planner", "vendor": "kubev2v"}], "created": "2026-06-11T02:15:27.140748+00:00", "updated": "2026-06-11T10:42:20.177228+00:00", "vendors": ["kubev2v", "kubev2v$PRODUCT$migration-planner"]}