3 matches found
Exploit for CVE-2022-41852
Remote Code Execution in JXPath Library CVE-2022-41852 Proof...
Michael Stepankin OpenID-Connect-Java-Spring-Server Server-Side Request Forgery Vulnerability
Michael Stepankin OpenID-Connect-Java-Spring-Server is a Global Michael Stepankin open source application system that provides an OpenID Connect identity provider and generic OAuth 2.0 authorization server. Michael Stepankin OpenID-Connect-Java-Spring-Server suffers from a server-side request forgery...
MITREid 1.3.3 Cross Site Scripting
MITREid Connect OpenID-Connect-Java-Spring-Server version 1.3.3 and earlier is vulnerable to Cross-Site Scripting; the user's name is included in topbar.tag and header.tag without being sanitized. A user can set their name to a value like: Testalert1 which will be included in JSON used by a...