4 matches found
CVE-2023-44040
In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting XSS vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate...
CVE-2023-44040
In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting XSS vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate...
PT-2024-13169 · Veridium · Veridiumid
Name of the Vulnerable Software and Affected Versions: VeridiumID versions prior to 3.5.0 Description: The issue concerns a cross-site scripting XSS vulnerability in the identity provider page. This vulnerability can be exploited by an internal unauthenticated attacker to execute JavaScript in th...
CVE-2023-44040
CVE-2023-44040 affects VeridiumID prior to 3.5.0. An internal unauthenticated attacker can trigger a cross-site scripting (XSS) on the identity provider page, allowing JavaScript execution in the user’s authentication context. Multiple sources (NVD, Red Hat advisory, CVE listings, and third-party...