Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SimplesamlphpSimplesamlphp

3 matches found

CVE
CVEadded 2017/02/17 2:59 a.m.63 views

CVE-2016-9955

The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.

6.3CVSS6.4AI score0.0041EPSS
CVE
CVEadded 2018/02/02 3:29 p.m.58 views

CVE-2017-18121

The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser.

6.1CVSS6.3AI score0.00355EPSS
CVE
CVEadded 2018/02/02 1:29 a.m.42 views

CVE-2018-6520

SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL.

6.1CVSS6.1AI score0.00165EPSS