2 matches found
CVE-2019-11274 UAA SCIM Filter XSS
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute...
CVE-2019-11274
Summary: CVE-2019-11274 affects Cloud Foundry UAA prior to v74.0.0, enabling a remote, unauthenticated attacker to craft a URL containing a SCIM filter that can execute malicious JavaScript (XSS) in older browsers. The root cause is insufficient sanitization of SCIM filter handling in UAA. Impact...