Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

CVE-2026-2575 Keycloak: keycloak: denial of service due to excessive samlrequest decompression

A flaw was found in Keycloak. An unauthenticated remote attacker can trigger an application level Denial of Service DoS by sending a highly compressed SAMLRequest through the SAML Redirect Binding. The server fails to enforce size limits during DEFLATE decompression, leading to an OutOfMemoryErro...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the SAMLRequest DEFLATE decompression. An attacker can cause service disruption by sending a highly compressed requests that trigger excessive resource consumption durin...

EUVD-2019-13485

Malware in sbrugna...

GHSA-46R4-F8GJ-XG56 The SimpleSAMLphp SAML2 library incorrectly verifies signatures for HTTP-Redirect binding

Summary There's a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to accept an unsigned message. I believe that it exists for v4 only. I have not yet developed a PoC. V5 is well designed and...

The SimpleSAMLphp SAML2 library incorrectly verifies signatures for HTTP-Redirect binding

Summary There's a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to accept an unsigned message. I believe that it exists for v4 only. I have not yet developed a PoC. V5 is well designed and...

CVE-2022-23170

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity...

Xxe

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity...

CVE-2022-23170 SysAid - Okta SSO integration

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity...

Red Hat JBoss Enterprise Application Platform 7.x < 7.2.2 Multiple Vulnerabilities

The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.2. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:1424 advisory: - picketlink: reflected XSS in SAMLRequest via RelayState parameter CVE-2019-387...

CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...

Cross-site Scripting (XSS)

picketlink is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim's browser through an SAMLRequest via the RelayState parameter...

CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...

Cross site scripting

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...

CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...

CVE-2019-3872

CVE-2019-3872 affects Picketlink components shipped with Red Hat/JBoss EAP 7.1.x and 7.2.x. A SAMLRequest containing a script could be processed by Picketlink, enabling cross-site scripting (XSS) and potential unauthorized information disclosure or follow-up attacks. Publicly provided connected d...

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update

A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.2 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

picketlink: reflected XSS in SAMLRequest via RelayState parameter

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks...

sso.capes.gov.br XSS vulnerability

Open Bug Bounty ID: OBB-621195 Description| Value ---|--- Affected Website:| sso.capes.gov.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...