4 matches found

RedhatCVE
added 2025/05/23 9:44 a.m. | 7 views

CVE-2024-21637

Authentik is an open-source Identity Provider. Authentik is vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with response_mode=form_post. This relatively user could use the described attacks to perform a privilege escalation. This...

CVSS 7.6 | AI score 6.3 | EPSS 0.00547
Exploits 0 | References 1

Circl
added 2024/01/11 7:31 a.m. | 7 views

CVE-2024-21637

creationtimestamp | type | source
---|---|---
2024-01-11 07:31:57+00:00 | seen | https://t.me/ctinow/166329
2024-01-30 09:41:38+00:00 | seen | https://t.me/ctinow/175781
...

CVSS 7.6 | AI score 5.5 | EPSS 0.00547
Exploits 0 | References 2

Vulnrichment
added 2024/01/11 5:49 a.m. | 3 views

CVE-2024-21637 XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode

Authentik is an open-source Identity Provider. Authentik is vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with response_mode=form_post. This relatively user could use the described attacks to perform a privilege escalation. This...

CVSS 7.6 | AI score 6.5 | EPSS 0.00547
Exploits 0 | References 3

Cvelist
added 2024/01/11 5:49 a.m. | 31 views

CVE-2024-21637 XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode

Authentik is an open-source Identity Provider. Authentik is vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with response_mode=form_post. This relatively user could use the described attacks to perform a privilege escalation. This...

CVSS 7.6 | AI score 7.2 | EPSS 0.00547
Exploits 0 | References 3