CVE-2022-45597

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the report is only about use of certificates at the application layer not the transport layer and "Certificates are exchanged in a controlled fashion between entities...

CVE-2022-45597

ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the report is only about use of certificates at the application layer not the transport layer and "Certificates are exchanged in a controlled fashion between entities...

PT-2023-14715 · Componentspace · Componentspace.Saml2

Name of the Vulnerable Software and Affected Versions: ComponentSpace.Saml2 version 4.4.0 Description: The issue concerns missing SSL certificate validation at the application layer. According to the vendor, this is not considered a vulnerability because certificates are exchanged between trusted...

ComponentSpace SAML 信任管理问题漏洞

ComponentSpace SAML is ComponentSpace's SAML and OpenID solution for ASP.NET and ASP.NET Core. A trust management issue vulnerability exists in ComponentSpace SAML version 4.4.0, which stems from a lack of SSL certificate validation...

componentspace.com XSS vulnerability

Open Bug Bounty ID: OBB-519925 Description| Value ---|--- Affected Website:| componentspace.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...