OpenShift Container Platform 3.11 - Cross-Site Scripting in Tectonic Console
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim.