PT-2020-18479 · Mitre · Mitreid Connect
Name of the Vulnerable Software and Affected Versions: MITREid Connect versions 1.3.3 and earlier

Description: The issue allows for XSS due to userInfoJson being included in the page unsanitized, related to header.tag. This can be exploited to execute arbitrary JavaScript. The user's name is...