9 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes i...
CVE-2015-5216
The Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via an HTTP response...
Cross site scripting
DISPUTED The default configuration of the Jinja templating engine used in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not enable auto-escaping, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via template variables. NOTE: This may be ...
CVE-2015-5216
The CVE-2015-5216 entry affects Ipsilon IdP server versions 0.1.0 through 1.0.0. Root cause: improper escaping of characters in a Python exception-message template, enabling remote XSS via an HTTP response. Connected sources (e.g., PT-2020-7857) corroborate the same issue and specify the affected...
CVE-2015-5215
CVE-2015-5215 affects the Identity Provider (IdP) server of Ipsilon, specifically versions 0.1.0 through 1.0.0, where the Jinja templating engine is not auto-escaped by default. The documented consequence is easier remote cross-site scripting (XSS) via template variables, tied to the IdP’s defaul...
Fedora 23 : ipsilon-1.1.1-2.fc23 (2015-15291)
Rebased to 1.1.1 release ---- ipsilon-1.0.0-5.fc23 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding...
Fedora 22 : ipsilon-1.1.1-2.fc22 (2015-15292)
Rebased to 1.1.0 release ---- ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clea...
Fedora Update for ipsilon FEDORA-2015-15292
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : ipsilon-1.0.0-5.fc23 (2015-13919)
ipsilon-1.0.0-5.fc23 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding description block directly from the...