6 matches found

GitHub Security Blog
added 2022/01/21 11:52 p.m., 45 views

Cross-site Scripting in Apache Knox SSO

When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be...

CVSS 6.1, AI score 1.1, EPSS 0.02579
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2022/01/17 8:15 p.m., 18 views

CVE-2021-42357

When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be...

CVSS 6.1, EPSS 0.02579
Exploits: 0, References: 2

OSV
added 2022/01/17 8:15 p.m., 14 views

CVE-2021-42357

When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be...

CVSS 6.1, AI score 5.8
Exploits: 0, References: 2

Prion
added 2022/01/17 8:15 p.m., 21 views

Design/Logic Flaw

When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be...

CVSS 4.3, AI score 5.9, EPSS 0.02579
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2022/01/17 7:25 p.m., 117 views

CVE-2021-42357

CVE-2021-42357 affects Apache Knox SSO prior to 1.6.1. The issue arises from improper URL parsing, allowing a crafted request parameter to redirect users to an attacker-controlled page. Practical impact described across sources is a user-facing redirect that would need exposure outside the normal...

CVSS 6.1, AI score 5.9, EPSS 0.02579
Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2022/01/17 12:0 a.m., 6 views

Apache Knox SSO Cross-Site Scripting Vulnerability

Knox SSO is the Apache Foundation's Web UI SSO (single sign-on) feature for your cluster. A security vulnerability exists in Apache Knox SSO that stems from a URL parsing error, which allows requests to be crafted that redirect users to a malicious page. A request containing a specially crafted request paramete...

CVSS 6.1, AI score 5.4, EPSS 0.02579
Exploits: 0, References: 4