2 matches found
CVE-2017-8044
In Pivotal Single Sign-On for PCF 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3, certain pages allow code to be injected into the DOM environment through query parameters, leading to XSS attacks...
CVE-2017-8044
Pivotal Single Sign-On for PCF is affected in versions 1.3.x prior to 1.3.4 and 1.4.x prior to 1.4.3. The vulnerability is a DOM-based XSS where code injected via query parameters can execute in the browser environment. Connected sources corroborate the same vulnerability description across multi...