Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2015-5216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes i...

6.1CVSS5.9AI score0.01096EPSS
Exploits0References2
NVD
NVD
added 2020/02/17 7:15 p.m.19 views

CVE-2015-5216

The Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via an HTTP response...

6.1CVSS5.9AI score0.01096EPSS
Exploits0References3
Prion
Prion
added 2020/02/17 7:15 p.m.11 views

Cross site scripting

DISPUTED The default configuration of the Jinja templating engine used in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not enable auto-escaping, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via template variables. NOTE: This may be ...

4.3CVSS5.9AI score0.01096EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2020/02/17 6:16 p.m.54 views

CVE-2015-5216

The CVE-2015-5216 entry affects Ipsilon IdP server versions 0.1.0 through 1.0.0. Root cause: improper escaping of characters in a Python exception-message template, enabling remote XSS via an HTTP response. Connected sources (e.g., PT-2020-7857) corroborate the same issue and specify the affected...

6.1CVSS5.8AI score0.01096EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/02/17 12:0 a.m.65 views

CVE-2015-5215

CVE-2015-5215 affects the Identity Provider (IdP) server of Ipsilon, specifically versions 0.1.0 through 1.0.0, where the Jinja templating engine is not auto-escaped by default. The documented consequence is easier remote cross-site scripting (XSS) via template variables, tied to the IdP’s defaul...

6.1CVSS5.8AI score0.01069EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/11/09 12:0 a.m.18 views

Fedora 23 : ipsilon-1.1.1-2.fc23 (2015-15291)

Rebased to 1.1.1 release ---- ipsilon-1.0.0-5.fc23 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding...

6.1CVSS6.1AI score0.01493EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/11/09 12:0 a.m.19 views

Fedora 22 : ipsilon-1.1.1-2.fc22 (2015-15292)

Rebased to 1.1.0 release ---- ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clea...

6.1CVSS6.1AI score0.01493EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/11/09 12:0 a.m.18 views

Fedora Update for ipsilon FEDORA-2015-15292

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.01493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/11/02 12:0 a.m.18 views

Fedora 23 : ipsilon-1.0.0-5.fc23 (2015-13919)

ipsilon-1.0.0-5.fc23 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 ipsilon-1.0.0-5.fc22 - Backported some patches - Fix for CVE-2015-5215/CVE-2015-5216/CVE-2015-5217 Note that Tenable Network Security has extracted the preceding description block directly from the...

6.1CVSS6.1AI score0.013EPSS
Exploits0References1
Rows per page
Query Builder