Lucene search
GoogleOSV:CVE-2021-23347HistoryMar 03, 2021 - 10:15 a.m.
CVE-2021-23347
2021-03-0310:15:13
Google
osv.dev
5
cve-2021-23347
cross-site scripting
sso provider
The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting (XSS) the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user.
Related
gitlab
gitlab
github
github
Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd/v2
2021-05-21 14:31:41
nvd
nvd
CVE-2021-23347
2021-03-03 10:15:13
veracode
veracode
Cross-site Scripting (XSS)
2021-03-04 04:04:17
cve
cve
CVE-2021-23347
2021-03-03 10:15:13
prion
prion
Cross site scripting
2021-03-03 10:15:00
cvelist
cvelist
CVE-2021-23347 Cross-site Scripting (XSS)
2021-03-03 09:55:25
osv
osv
BIT-argo-cd-2021-23347
2024-03-06 10:51:28
Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd/v2
2021-05-21 14:31:41
Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd
2024-08-21 15:29:06