9 matches found
CVE-2020-8160
MendixSSO = 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload m...
CVE-2010-10002
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to cross site...
SimpleSAMLphp simplesamlphp-module-openid
A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to cross site scripting. It is possible to...
GHSA-GGJ9-6X8J-49W9 SimpleSAMLphp simplesamlphp-module-openid
A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to cross site scripting. It is possible to...
CVE-2010-10002
The vulnerability CVE-2010-10002 affects the SimpleSAMLphp package, specifically the simplesamlphp-module-openid OpenID Handler. The issue is an input manipulation in the file templates/consumer.php (AuthState) that enables cross-site scripting. Exploitation can be performed remotely; the attack ...
PT-2023-9886 · Unknown · Simplesamlphp-Module-Openid +1
Name of the Vulnerable Software and Affected Versions: SimpleSAMLphp simplesamlphp-module-openid versions prior to 1.0 Description: A vulnerability has been found in the OpenID Handler component of SimpleSAMLphp simplesamlphp-module-openid. The issue affects an unknown function of the file...
CVE-2020-8160
MendixSSO = 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload m...
Cross site scripting
MendixSSO = 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload m...
CVE-2020-8160
MendixSSO = 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload m...