6 matches found
CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters...
Ubuntu 20.04 LTS : Shibboleth vulnerability (USN-4925-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4925-1 advisory. Toni Huttunen and Fraktal Oy discovered that the Shibboleth Service provider allowed content injection due to allowing attacker-controlled parameters in error or...
UBUNTU-CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters...
CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters...
CVE-2021-28963
CVE-2021-28963 affects Shibboleth Service Provider prior to 3.2.1, where template generation uses attacker-controlled parameters, enabling content injection. Multiple connected sources (Red Hat, Ubuntu USN-4925-1, Debian/OSV entries) corroborate the vulnerability and indicate affected deployments...
CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters...