15 matches found
EUVD-2017-14292
Malware in sbrugna...
EUVD-2023-1671
Malicious code in bioql PyPI...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
Cross site scripting
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
Cross-Site Scripting (XSS)
org.keycloak:keycloak-services is vulnerable to Cross-Site Scripting (XSS) attacks. The vulnerability is due to improper SAML and OIDC URI sanitization in the AssertionConsumerServiceURL, which allows an attacker with access to the connection string to inject arbitrary JavaScript...
GHSA-3P62-6FJH-3P5H Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
AssertionConsumerServiceURL is a Java implementation for SAML Service Providers org.keycloak.protocol.saml. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). AssertionConsumerServiceURL allows XSS when sending a crafted SAML XML request...
Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
AssertionConsumerServiceURL is a Java implementation for SAML Service Providers org.keycloak.protocol.saml. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). AssertionConsumerServiceURL allows XSS when sending a crafted SAML XML request...
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...
CVE-2022-23170
SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity...
CVE-2017-5183
NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document...
Design/Logic Flaw
NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document...
CVE-2017-5183
NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document...