5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-45683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML...
SUSE CVE-2023-45683
github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...
CVE-2023-45683
github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...
CVE-2023-45683 Cross site scripting via missing binding syntax validation In ACS location in github.com/crewjam/saml
github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...
CVE-2023-45683
CVE-2023-45683 affects the Go SAML library github.com/crewjam/saml. Affected versions fail to validate the ACS Location URI according to the parsed SAML binding, enabling an attacker to register a malicious Service Provider at the IdP and inject JavaScript in the ACS endpoint. This can cause Cros...