Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2024/04/03 5:15 p.m.6 views

CVE-2023-44040

In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting XSS vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate...

6.1CVSS5.9AI score0.00446EPSS
Exploits0References4
OSV
OSV
added 2024/04/03 5:15 p.m.6 views

CVE-2023-44040

In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting XSS vulnerability that can be exploited by an internal unauthenticated attacker for JavaScript execution in the context of the user trying to authenticate...

6.1CVSS5.8AI score0.00446EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.5 views

PT-2024-13169 · Veridium · Veridiumid

Name of the Vulnerable Software and Affected Versions: VeridiumID versions prior to 3.5.0 Description: The issue concerns a cross-site scripting XSS vulnerability in the identity provider page. This vulnerability can be exploited by an internal unauthenticated attacker to execute JavaScript in th...

6.1CVSS6.1AI score0.00446EPSS
Exploits0References5
CVE
CVE
added 2024/04/03 12:0 a.m.55 views

CVE-2023-44040

CVE-2023-44040 affects VeridiumID prior to 3.5.0. An internal unauthenticated attacker can trigger a cross-site scripting (XSS) on the identity provider page, allowing JavaScript execution in the user’s authentication context. Multiple sources (NVD, Red Hat advisory, CVE listings, and third-party...

6.1CVSS5.9AI score0.00446EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder