8 matches found
EUVD-2019-0601
Malware in sbrugna...
CVE-2018-20857
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with [email protected] followed by . and then the attacker's domain name...
GHSA-QPXP-5J56-GG3X samlr XML nodes comment attack
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with [email protected] followed by . and then the attacker's domain name...
samlr XML nodes comment attack
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with [email protected] followed by . and then the attacker's domain name...
samlr XML nodes comment attack
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with [email protected] followed by . and then the attacker's domain name...
Code injection
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with email protected followed by . and then the attacker's domain name...
CVE-2018-20857
CVE-2018-20857 concerns Zendesk Samlr prior to 2.6.2, which is vulnerable to an XML nodes comment attack in a name_id node (example: [email protected] followed by ). The attack sequence could append the attacker’s domain name. Public references from Red Hat, GitHub, OSV, and Veracode describe this...
CVE-2018-20857
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a nameid node with [email protected] followed by . and then the attacker's domain name...