DockerUI, a third-party Web interface for the popular software containerization system, has “multiple persistent [security] vulnerabilities,” according to research conducted by Vulnerability Lab.
Vulnerability Lab reported two separate issues in the most recent build of DockerUI, 0.10.0. Although still in beta, it has “multiple persistent input validation web vulnerabilities” and “is vulnerable to a CSRF attack,” according to Vulnerability Lab. Worse, one of the attacks can be launched by anyone who has basic user access to DockerUI.
To read this article in full or to leave a comment, please click here