2360 matches found
CVE-2025-12789
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL...
Red Hat Single Sign-On input validation error vulnerability
Red Hat Single Sign-On is an authentication and access control system from Red Hat USA. The tool is responsible for authentication and access control functions for systems that support most authentication protocols (OAuth, OpenID Connect, etc.), and can easily integrate with most products such as...
CVE-2025-12789 Rhsso: open redirect
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL...
EUVD-2025-38190
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL...
CVE-2025-12789 Rhsso: open redirect
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL...
CVE-2025-12789
The CVE-2025-12789 issue affects Red Hat Single Sign-On and is an Open Redirect vulnerability during the logout process. The root cause is that the redirect_uri parameter used in the openid-connect logout flow is not properly validated, enabling potential redirection to a malicious URL. Documents...
CVE-2025-12789
A flaw was found in Red Hat Single Sign-On. This issue is an Open Redirect vulnerability that occurs during the logout process. The redirect_uri parameter associated with the openid-connect logout protocol does not properly validate the provided URL. Mitigation: Mitigation for this issue is either...
PT-2025-45393
Name of the Vulnerable Software and Affected Versions: Red Hat Single Sign-On (affected versions not specified). Description: An Open Redirect issue exists in Red Hat Single Sign-On during the logout process. The redirect_uri parameter within the openid-connect logout protocol does not properly valida...
WordPress Inactive Logout plugin cross-site scripting vulnerability
WordPress Inactive Logout plugin is a WordPress security plugin for automatically terminating inactive user sessions to prevent unauthorized access. The WordPress Inactive Logout plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering...
WordPress Inactive Logout plugin <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability discovered by shark3y in WordPress Plugin Inactive Logout versions <= 3.5.5...
Proofpoint Insider Threat Management Server security vulnerability
Proofpoint Insider Threat Management Server is a server-side application from U.S.-based Proofpoint, Inc. that is used to prevent malicious operations by enterprise insiders. A security vulnerability exists in Proofpoint Insider Threat Management Server versions prior to 7.17.2, which originates...
CVE-2025-11922
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2025-37405
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922 Inactive Logout <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922 Inactive Logout <= 3.5.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'inaredirectpageindividualuser' parameter in all versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-11922
CVE-2025-11922: Inactive Logout for WordPress
PT-2025-44698
Name of the Vulnerable Software and Affected Versions: Inactive Logout plugin for WordPress, versions up to and including 3.5.5. Description: The Inactive Logout plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping...
WordPress plugin Inactive Logout cross-site scripting vulnerability
WordPress Inactive Logout plugin is a WordPress security plugin for automatically terminating inactive user sessions to prevent unauthorized access. The WordPress Inactive Logout plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering...
Unspecified vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29094)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which stems from a failed logout feature. No...