CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

OSV•added 2021/09/01 6:36 p.m.•17 views

GHSA-G485-29GQ-6H2H Sensitive Data Exposure in miniorange_saml

The miniorangesaml aka Miniorange Saml extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys...

7.5CVSS7.5AI score0.00996EPSS

Exploits0References3

Github Security Blog•added 2021/09/01 6:36 p.m.•29 views

Sensitive Data Exposure in miniorange_saml

The miniorangesaml aka Miniorange Saml extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys...

7.5CVSS7.4AI score0.00996EPSS

Exploits0References3Affected Software1

Prion•added 2021/08/13 5:15 p.m.•15 views

Command injection

The miniorangesaml aka Miniorange Saml extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys...

5CVSS7.6AI score0.00996EPSS

Exploits0References2Affected Software1

CVE•added 2021/08/13 4:12 p.m.•110 views

CVE-2021-36786

CVE-2021-36786 concerns the miniorange_saml (Miniorange Saml) extension for TYPO3, prior to version 1.4.3. The issue is an information disclosure vulnerability that allows exposure of API credentials and private keys due to inadequate handling/encoding, as described in multiple connected sources ...

7.5CVSS7.5AI score0.00996EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/08/13 4:12 p.m.•13 views

CVE-2021-36786

The miniorangesaml aka Miniorange Saml extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys...

7.8AI score0.00996EPSS

Exploits0References2

Cvelist•added 2021/08/13 4:11 p.m.•10 views

CVE-2021-36785

The miniorangesaml aka Miniorange Saml extension before 1.4.3 for TYPO3 allows XSS...

5.8AI score0.00497EPSS

Exploits0References2

CVE•added 2021/08/13 4:11 p.m.•97 views

CVE-2021-36785

CVE-2021-36785 : The Miniorange SAML extension for TYPO3 (miniorange_saml) before version 1.4.3 is affected by a cross-site scripting (XSS) vulnerability due to improper encoding of user input in HTML context. The issue is documented in TYPO3’s advisory (typo3-ext-sa-2021-011) and multiple CVE re...

5.4CVSS5.8AI score0.00497EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by