2 matches found
CVE-2023-52240
The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 through 4.14.8 before 4.14.9, 5.0.0 through 5.11.4 before 5.11.5, and 6.0.0 through 6.19.0 before 6.20.0. The full product names are Kantega SA...
CVE-2023-52240
The CVE-2023-52240 entry concerns Kantega SAML SSO OIDC Kerberos Single Sign-on apps for Atlassian products (Jira, Confluence, Bitbucket, Bamboo, FeCru) prior to version 6.20.0. The root cause is an HTML/XSS issue caused by improper cleanup of URL parameters when SAML POST Binding is enabled, all...