32 matches found
EUVD-2009-3457
Malware in sbrugna...
EUVD-2009-3458
Malware in sbrugna...
EUVD-2018-11473
Malware in sbrugna...
EUVD-2009-3282
Malware in sbrugna...
CVE-2024-39848
Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Service...
CVE-2024-39848
Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Service...
CVE-2024-39848
CVE-2024-39848 affects Internet2 Grouper prior to 5.6 and Grouper for Web Services prior to 4.13.1. The issue is an authentication bypass when LDAP authentication is used in certain ways, linked to WsGrouperLdapAuthentication and the use of a hard-coded UyY29r password for the M3vwHr account. Imp...
PT-2024-28699 · Internet2 · Grouper For Web Services +1
Name of the Vulnerable Software and Affected Versions: Internet2 Grouper versions prior to 5.6 Grouper for Web Services versions prior to 4.13.1 Description: The issue allows authentication bypass when LDAP authentication is used in certain ways. This is related to the...
CVE-2024-39848
Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Service...
CVE-2024-39848
Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Service...
Internet2 Grouper Security Vulnerability
Grouper is an Internet2 open source enterprise access management system designed for highly distributed management environments and heterogeneous information technology environments common to colleges and universities. A security vulnerability exists in Internet2 Grouper versions prior to 5.6 tha...
CVE-2018-19794
Cross-site scripting XSS vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter...
CVE-2018-19794
Cross-site scripting XSS vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter...
CVE-2018-19794
Cross-site scripting XSS vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter...
CVE-2018-19794
The CVE-2018-19794 entry describes a Cross-site Scripting (XSS) vulnerability in UiV2Public.index of Internet2 Grouper versions 2.2 and 2.3, allowing remote attackers to inject arbitrary web script or HTML via the code parameter. Affected product is Internet2 Grouper (UiV2Public.index) with the u...
Internet2 Grouper Cross-Site Scripting Vulnerability
Internet2 Grouper is a distributed IT central access management system. A cross-site scripting vulnerability exists in UiV2Public.index in Internet2 Grouper versions 2.2 and 2.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the 'code' parameter...
CVE-2009-3300
Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...
CVE-2009-3300
Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...
Buffer overflow
Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute...