2 matches found
PT-2024-35456 · Unknown · Simplesamlphp Saml2 Library
Name of the Vulnerable Software and Affected Versions: SimpleSAMLphp SAML2 library versions prior to 4.6.14 SimpleSAMLphp SAML2 library versions prior to 5.0.0-alpha.18 Description: The SimpleSAMLphp SAML2 library is vulnerable to an XML External Entity XXE attack when loading untrusted XML...
Snipe-IT Cross-Site Scripting Vulnerability
Snipe-IT is an open source IT asset/license management system. A cross-site scripting vulnerability exists in Snipe-IT versions prior to 4.6.14. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...