3 matches found
Cross-site Scripting
Apache Syncope Enduser is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization of user-controlled input on the Enduser Login page, allowing attackers to inject malicious scripts via crafted links, which can execute in the victim’s browser and potentially...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Enduser Login page. An attacker can access sensitive user credentials by tricking a legitimate user into clicking a malicious link and logging in. Details Cross-site scripting or XSS is a code...
Apache Syncope 跨站脚本漏洞
Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope suffers from a cross-site scripting vulnerability that stem...