CVE-2021-28290

A cross-site scripting XSS vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter...

CVE-2021-28290

A cross-site scripting XSS vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter...

CVE-2021-28290

A cross-site scripting XSS vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter...

Cross site scripting

A cross-site scripting XSS vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter...

CVE-2021-28290

A cross-site scripting XSS vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter...

CVE-2021-28290

The CVE-2021-28290 entry applies to Skoruba IdentityServer4.Admin prior to 2.0.0, where an XSS flaw occurs because an unencoded value is passed to the data-secret-value parameter. The vulnerability affects that admin interface and can enable cross-site scripting via the affected input path. The N...

IdentityServer4.Admin 跨站脚本漏洞

IdentityServer4.Admin is an administration for IdentityServer4 and Asp.Net Core Identity by Jan Škoruba, a Czech individual developer. A security vulnerability exists in IdentityServer4.Admin versions prior to 2.0.0, which can be exploited by an attacker to conduct cross-site scripting XSS attack...