AI Score
Confidence
Low
EPSS
Percentile
58.7%
Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or other status pages. An attacker could use this to inject malicious content.
ubuntu.com/security/CVE-2021-28963
ubuntu.com/security/notices/USN-4925-1