3 matches found
Ping Identity Agentless Integration Kit Cross Site Scripting
Ping Identity Agentless Integration Kit Reflected Cross-site Scripting XSS Link: https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190305-01PingIdentityAgentlessIntegrationKitReflectedXSS Vulnerability Overview Ping Identity Agentless Integration Kit before 1.5 is susceptible t...
CVE-2019-13564
XSS exists in Ping Identity Agentless Integration Kit before 1.5...
CVE-2019-13564
CVE-2019-13564 is a Cross-Site Scripting (XSS) vulnerability in the Ping Identity Agentless Integration Kit prior to version 1.5. Several sources describe it as a Reflected XSS affecting the /as/authorization.oauth2 endpoint, caused by improper encoding of an arbitrarily submitted HTTP GET parame...