2 matches found
CVE-2024-28855
ZITADEL, open source authentication management software, uses Go templates to render the login UI. Due to a improper use of the text/template instead of the html/template package, the Login UI did not sanitize input parameters prior to versions 2.47.3, 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, and...
CVE-2024-28855
CVE-2024-28855 affects ZITADEL, an open-source authentication system. The Login UI renders with Go templates using text/template instead of html/template, failing to sanitize input parameters in versions up to 2.47.3 (and earlier 2.46.1, 2.45.1, 2.44.3, 2.43.9, 2.42.15, 2.41.15). An attacker coul...