26 matches found

NVD
added 2026/05/07 4:16 a.m.

CVE-2026-41670

Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the...

CVSS 8.2 · EPSS 0.00018
Exploits: 0 · References: 2
OSV
added 2026/04/29 9:57 p.m.

GHSA-P9W9-87C8-M235 Admidio Sends SAML Response to Unvalidated Assertion Consumer Service URL from AuthnRequest

Summary: The SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the registered ACS URL (smc_acs_url) stored in the database for the...

CVSS 8.2 · AI score 6 · EPSS 0.00018
Exploits: 0 · References: 4
EUVD
added 2026/02/03 4:47 p.m.

EUVD-2026-5244

Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service (ACS) cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts set up via "Security Console" installations, resulting in full account takeover. The...

CVSS 9.6 · AI score 5.4 · EPSS 0.00021
Exploits: 0 · References: 1
Positive Technologies
added 2026/02/03 12:00 a.m.

PT-2026-6046

Name of the Vulnerable Software and Affected Versions: Rapid7 InsightVM versions prior to 8.34.0 Description: Rapid7 InsightVM installations utilizing the "Security Console" setup are susceptible to a signature verification flaw on the Assertion Consumer Service (ACS) cloud endpoint. This issue allow...

CVSS 9.6 · AI score 5.5 · EPSS 0.00021
Exploits: 0 · References: 6
Vulnrichment
added 2025/10/27 1:39 p.m.

CVE-2025-50055

Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service (ACS) endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

AI score 5.6 · EPSS 0.00038
Exploits: 0 · References: 1
Cvelist
added 2025/10/27 1:39 p.m.

CVE-2025-50055

Cross-site scripting (XSS) vulnerability in the SAML Authentication module in OpenVPN Access Server version 2.14.0 through 2.14.3 allows configured remote SAML Assertion Consumer Service (ACS) endpoint servers to inject arbitrary web script or HTML via the RelayState parameter...

EPSS 0.00038
Exploits: 0 · References: 1
CVE
added 2025/10/27 1:39 p.m.

CVE-2025-50055

OpenVPN Access Server 2.14.0–2.14.3 exposes an XSS vulnerability in the SAML Authentication module via the RelayState parameter. The issue allows an attacker-controlled RelayState to inject arbitrary script/HTML, potentially leading to client-side impact. The CVE description in official records n...

CVSS 6.4 · AI score 5.6 · EPSS 0.00038
Exploits: 0 · References: 1
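The three OpenVPN Access Server entries above describe RelayState being reflected into a page without encoding. The block below is an added example, not OpenVPN Access Server code, of how a service provider's ACS endpoint can treat RelayState: accept only a value the SP could itself have issued (a same-origin relative path, within the 80-byte limit the SAML 2.0 bindings specification puts on RelayState), and HTML-encode whatever is rendered regardless. The redirect-page template and the payload are constructed for the example; the vulnerable rendering is shown beside the hardened one.

```python
"""SP-side RelayState handling at the ACS endpoint (added example, not OpenVPN code)."""
import html
from typing import Optional
from urllib.parse import urlsplit

RELAYSTATE_MAX_BYTES = 80   # SAML 2.0 Bindings, section 3.1.1: RelayState MUST NOT exceed 80 bytes
DEFAULT_TARGET = "/"         # where to land when RelayState is missing or untrustworthy
FORBIDDEN_CHARS = ("\\", "\r", "\n", "\t", "\x00")   # backslash: browsers treat "/\" like "//"


def safe_relay_target(relay_state: Optional[str]) -> str:
    """Map RelayState to a same-origin path; anything else falls back to DEFAULT_TARGET."""
    if not relay_state or len(relay_state.encode("utf-8")) > RELAYSTATE_MAX_BYTES:
        return DEFAULT_TARGET
    if any(ch in relay_state for ch in FORBIDDEN_CHARS):
        return DEFAULT_TARGET
    parts = urlsplit(relay_state)
    # Reject javascript:, https://host, scheme-relative //host and bare relative paths.
    if parts.scheme or parts.netloc or not relay_state.startswith("/"):
        return DEFAULT_TARGET
    return relay_state


def render_redirect_vulnerable(relay_state: str) -> str:
    """The pattern the advisories describe: RelayState interpolated into markup verbatim."""
    return f'<meta http-equiv="refresh" content="0;url={relay_state}">'


def render_redirect_hardened(relay_state: Optional[str]) -> str:
    """Allow-list the target first, then encode it for the attribute context it lands in."""
    target = safe_relay_target(relay_state)
    return f'<meta http-equiv="refresh" content="0;url={html.escape(target, quote=True)}">'


# Constructed payload: a same-origin-looking path that breaks out of the attribute.
PAYLOAD = '/"><script>alert(1)</script>'
```

Both defences matter on their own: the allow-list stops open redirects and javascript: targets that encoding alone would leave exploitable, and the encoding stops markup injection for values the allow-list lets through.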
OSV
added 2024/04/17 5:33 p.m.

GHSA-8RMM-GM28-PJ8Q Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow

Keycloak allows arbitrary URLs as SAML Assertion Consumer Service POST Binding URL (ACS), including JavaScript URIs (javascript:). Allowing JavaScript URIs in combination with HTML forms leads to JavaScript evaluation in the context of the embedding origin on form submission. Acknowledgements: Specia...

CVSS 6 · AI score 6 · EPSS 0.00102
Exploits: 0 · References: 10
RedHat Linux
added 2024/04/16 8:26 p.m.

keycloak: XSS via assertion consumer service URL in SAML POST-binding flow

A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with...

CVSS 6 · AI score 5.9 · EPSS 0.00102
Exploits: 0 · References: 4
Positive Technologies
added 2024/04/16 12:00 a.m.

PT-2024-5147 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified) Description: A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS),...

CVSS 6.8 · AI score 5.8 · EPSS 0.00102
Exploits: 0 · References: 18
RedHat Linux
added 2024/03/18 9:47 a.m.

keycloak: XSS via assertion consumer service URL in SAML POST-binding flow

A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with...

CVSS 6 · AI score 5.9 · EPSS 0.00102
Exploits: 0 · References: 4
Positive Technologies
added 2023/08/30 12:00 a.m.

PT-2023-27527 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.6; Splunk Enterprise versions prior to 8.2.12 Description: A malicious actor can send a malformed Security Assertion Markup Language (SAML) request to the "/saml/acs" REST endpoint, causing a denial of...

CVSS 7.5 · AI score 7 · EPSS 0.00157
Exploits: 0 · References: 5
RedHat Linux
added 2023/06/27 6:53 p.m.

RHSSO: XSS due to lax URI scheme validation

Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri...

CVSS 10 · AI score 5.7 · EPSS 0.01306
Exploits: 0 · References: 4
Positive Technologies
added 2023/06/27 12:00 a.m.

PT-2023-3319 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified) Description: The issue is related to a cross-site scripting (XSS) vulnerability in Keycloak, an open-source identity and access management solution. This vulnerability can be exploited by settin...

CVSS 10 · AI score 6.5 · EPSS 0.01306
Exploits: 0 · References: 10
CNNVD
added 2023/06/27 12:00 a.m.

Red Hat Keycloak Cross-Site Scripting Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Keycloak. An attacker could exploit the vulnerability to execute malicious scripts by setting the...

CVSS 10 · AI score 7.2 · EPSS 0.01306
Exploits: 0 · References: 5
CISA KEV Catalog
added 2021/11/03 12:00 a.m.

Micro Focus Access Manager Information Leakage Vulnerability

Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used...

CVSS 7.5 · AI score 8.3 · EPSS 0.10545
In the wild · Exploits: 0
VulnCheck KEV
added 2021/08/06 12:00 a.m.

VulnCheck KEV: CVE-2021-22506

Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used...

CVSS 7.5 · AI score 7.2 · EPSS 0.10545
Exploits: 0 · References: 1
OSV
added 2020/01/22 2:15 p.m.

CVE-2018-16271

The wemail_consumer_service from the built-in application wemail in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This...

CVSS 6.5 · AI score 5.9
Exploits: 0 · References: 2
CVE
added 2020/01/22 1:03 p.m.

CVE-2018-16271

CVE-2018-16271 concerns the wemail_consumer_service in Samsung Galaxy Gear series (Tizen-based firmwares) prior to build RE2. The vulnerability arises from improper D-Bus security policy configurations, enabling an unprivileged process to manipulate a user’s mailbox. Additionally, an arbitrary em...

CVSS 6.5 · AI score 6.4 · EPSS 0.00189
Exploits: 1 · References: 2 · Affected Software: 1
CNVD
added 2017/04/27 12:00 a.m.

NetIQ Access Manager Cross-Site Scripting Vulnerability (CNVD-2017-06744)

NetIQ Access Manager provides a simple, secure, and scalable solution for handling Web access requirements. A cross-site scripting vulnerability exists in the AssertionConsumerServiceURL field of a signed AuthnRequest in the samlp:AuthnRequest document for NetIQ Access Manager. A remote attacker...

CVSS 6.1 · AI score 6.2 · EPSS 0.0024
Exploits: 0 · References: 1
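Several entries in this list are the same mistake on the identity provider side, seen from different angles: Admidio sending the SAML Response to whatever AssertionConsumerServiceURL the AuthnRequest names, Keycloak accepting javascript: URIs as a registered ACS URL and later emitting them in an auto-submitting form, the RHSSO lax URI scheme check on AssertionConsumerServiceURL, the NetIQ Access Manager XSS through the same field, and the Splunk denial of service from a malformed request hitting /saml/acs. The block below is an added example, not code from any of those projects, of the IdP-side handling that closes all of them: a registration-time scheme check, a request-time exact match against the SP's registered ACS URLs, and cheap pre-parse limits before the XML parser sees the request. The registry, SP entityID, size limit and sample AuthnRequest are constructed for the example; request signature verification is out of scope and is noted as such.

```python
"""IdP-side AssertionConsumerServiceURL handling (added example, not Admidio/Keycloak/NetIQ/Splunk code)."""
from typing import Dict, Optional, Set, Tuple
from urllib.parse import urlsplit, urlunsplit
import xml.etree.ElementTree as ET

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
MAX_REQUEST_BYTES = 64 * 1024  # hypothetical cap; real AuthnRequests are a few KB

# Constructed registry: SP entityID -> canonical ACS URLs registered out of band by an admin.
REGISTERED_ACS: Dict[str, Set[str]] = {
    "https://sp.example.com/metadata": {"https://sp.example.com/saml/acs"},
}


class ACSValidationError(ValueError):
    """Raised whenever the request must be refused; the caller must not emit a Response."""


def normalize_acs_url(url: str) -> str:
    """Canonicalize an ACS URL for exact-match comparison and reject unsafe schemes."""
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if scheme not in ("https", "http"):   # also rejects javascript:, data: and scheme-relative //host
        raise ACSValidationError(f"ACS URL scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ACSValidationError("ACS URL must be absolute")
    if parts.username or parts.password or parts.fragment:
        raise ACSValidationError("ACS URL must not carry credentials or a fragment")
    default_port = 443 if scheme == "https" else 80
    netloc = parts.hostname if parts.port in (None, default_port) else f"{parts.hostname}:{parts.port}"
    return urlunsplit((scheme, netloc, parts.path or "/", parts.query, ""))


def register_acs_url(sp_entity_id: str, url: str) -> str:
    """Registration-time check: what an admin is allowed to store as an SP's ACS URL."""
    canonical = normalize_acs_url(url)
    REGISTERED_ACS.setdefault(sp_entity_id, set()).add(canonical)
    return canonical


def resolve_acs_url(sp_entity_id: str, requested: Optional[str]) -> str:
    """Request-time check: the only destination a Response for this SP may be POSTed to."""
    registered = REGISTERED_ACS.get(sp_entity_id)
    if not registered:
        raise ACSValidationError(f"unknown SP: {sp_entity_id!r}")
    if requested is None:   # the attribute is optional; fall back only when the choice is unambiguous
        if len(registered) != 1:
            raise ACSValidationError("AuthnRequest names no ACS URL and the SP has several registered")
        return next(iter(registered))
    canonical = normalize_acs_url(requested)
    if canonical not in registered:   # the request value is a hint, never the destination itself
        raise ACSValidationError(f"ACS URL {requested!r} is not registered for {sp_entity_id!r}")
    return canonical


def parse_authn_request(xml_bytes: bytes) -> Tuple[str, Optional[str]]:
    """Return (Issuer, AssertionConsumerServiceURL) after pre-parse limits; signature check out of scope."""
    if len(xml_bytes) > MAX_REQUEST_BYTES:
        raise ACSValidationError("AuthnRequest too large")
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:   # no DTDs, no entity expansion
        raise ACSValidationError("DTDs and entity declarations are not accepted")
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError as exc:
        raise ACSValidationError(f"malformed XML: {exc}") from exc
    if root.tag != f"{{{SAMLP_NS}}}AuthnRequest":
        raise ACSValidationError("document is not a samlp:AuthnRequest")
    issuer = root.find(f"{{{SAML_NS}}}Issuer")
    if issuer is None or not (issuer.text or "").strip():
        raise ACSValidationError("AuthnRequest has no Issuer")
    return (issuer.text or "").strip(), root.get("AssertionConsumerServiceURL")


def response_destination(xml_bytes: bytes) -> str:
    """The complete IdP-side decision: parse, then resolve against the registry."""
    issuer, requested = parse_authn_request(xml_bytes)
    return resolve_acs_url(issuer, requested)


def destination_or_none(xml_bytes: bytes) -> Optional[str]:
    try:
        return response_destination(xml_bytes)
    except ACSValidationError:
        return None


def is_acceptable_acs(sp_entity_id: str, requested: Optional[str]) -> bool:
    try:
        resolve_acs_url(sp_entity_id, requested)
        return True
    except ACSValidationError:
        return False


# Constructed AuthnRequest from a registered SP that names an unregistered ACS URL.
SAMPLE_AUTHN_REQUEST = b"""<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_example1" Version="2.0"
    IssueInstant="2026-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    AssertionConsumerServiceURL="https://attacker.example.net/collect">
  <saml:Issuer>https://sp.example.com/metadata</saml:Issuer>
</samlp:AuthnRequest>"""
```

The exact-match rule is deliberate: prefix or host-only matching reopens the Admidio-style redirect through open redirectors or path confusion on the SP, and without it a signed AuthnRequest does not help either, since the signing SP may itself be the attacker's. Production code should parse with a hardened parser (for example defusedxml) rather than rely on the DOCTYPE string check alone.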