CVE-2024-10086 | HashiCorp Consul/Consul Enterprise up to 1.19.2 HTTP Header Content-Type cross site scripting (Nessus ID 210710)
A vulnerability, which was classified as problematic, was found in HashiCorp Consul and Consul Enterprise up to 1.19.2. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument Content-Type leads to cross site scripting.
This vulnerability is traded as CVE-2024-10086. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.