Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2020-5497
HistoryJan 04, 2020 - 3:15 a.m.

Design/Logic Flaw

2020-01-0403:15:00
PRIOn knowledge base
www.prio-n.com
7

0.004 Low

EPSS

Percentile

72.0%

JSON

The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be exploited to execute arbitrary JavaScript.

CPENameOperatorVersion
connectle1.3.3

Related

cve 1
github 1
veracode 1
osv 2
cvelist 1
nvd 1
packetstorm 1
cve
cve
CVE-2020-5497
2020-01-04 03:15:10
github
github
XSS in MITREid Connect
2020-04-01 16:35:44
veracode
veracode
Cross-site Scripting (XSS)
2020-04-02 04:06:58
osv
osv
XSS in MITREid Connect
2020-04-01 16:35:44
CVE-2020-5497
2020-01-04 03:15:10
cvelist
cvelist
CVE-2020-5497
2020-01-04 02:07:34
nvd
nvd
CVE-2020-5497
2020-01-04 03:15:10
packetstorm
packetstorm
MITREid 1.3.3 Cross Site Scripting
2020-02-28 00:00:00

0.004 Low

EPSS

Percentile

72.0%

JSON
Related for PRION:CVE-2020-5497
cve1github1veracode1osv2cvelist1nvd1packetstorm1