Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2020-5497
HistoryJan 04, 2020 - 2:07 a.m.

CVE-2020-5497

2020-01-0402:07:34
mitre
www.cve.org

0.004 Low

EPSS

Percentile

72.0%

JSON

The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be exploited to execute arbitrary JavaScript.

Related

cve 1
github 1
veracode 1
osv 2
nvd 1
packetstorm 1
prion 1
cve
cve
CVE-2020-5497
2020-01-04 03:15:10
github
github
XSS in MITREid Connect
2020-04-01 16:35:44
veracode
veracode
Cross-site Scripting (XSS)
2020-04-02 04:06:58
osv
osv
XSS in MITREid Connect
2020-04-01 16:35:44
CVE-2020-5497
2020-01-04 03:15:10
nvd
nvd
CVE-2020-5497
2020-01-04 03:15:10
packetstorm
packetstorm
MITREid 1.3.3 Cross Site Scripting
2020-02-28 00:00:00
prion
prion
Design/Logic Flaw
2020-01-04 03:15:00

0.004 Low

EPSS

Percentile

72.0%

JSON
Related for CVELIST:CVE-2020-5497
cve1github1veracode1osv2nvd1packetstorm1prion1