Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-45683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML...

7.1CVSS6.8AI score0.00434EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/06/04 12:28 p.m.2 views

SUSE CVE-2023-45683

github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...

7.1CVSS6.1AI score0.00434EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/10/16 7:15 p.m.17 views

CVE-2023-45683

github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...

7.1CVSS6.6AI score0.00434EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/16 6:13 p.m.14 views

CVE-2023-45683 Cross site scripting via missing binding syntax validation In ACS location in github.com/crewjam/saml

github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the...

7.1CVSS6.2AI score0.00434EPSS
Exploits0References2
CVE
CVE
added 2023/10/16 6:13 p.m.63 views

CVE-2023-45683

CVE-2023-45683 affects the Go SAML library github.com/crewjam/saml. Affected versions fail to validate the ACS Location URI according to the parsed SAML binding, enabling an attacker to register a malicious Service Provider at the IdP and inject JavaScript in the ACS endpoint. This can cause Cros...

7.1CVSS6.2AI score0.00434EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder