4 matches found
Cross site scripting
ZmartZone IAM modauthopenidc 2.3.10.1 and earlier is affected by: Cross Site Scripting XSS. The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/modauthopenidc.c, Line: 3109. The fixed version is: 2.3.10.2...
CVE-2019-1010247
ZmartZone IAM modauthopenidc 2.3.10.1 and earlier is affected by: Cross Site Scripting XSS. The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/modauthopenidc.c, Line: 3109. The fixed version is: 2.3.10.2...
CVE-2019-1010247
ZmartZone IAM modauthopenidc 2.3.10.1 and earlier is affected by: Cross Site Scripting XSS. The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/modauthopenidc.c, Line: 3109. The fixed version is: 2.3.10.2...
CVE-2017-6059
Modauthopenidc.c in the Ping Identity OpenID Connect authentication module for Apache aka modauthopenidc before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request...