Lucene search
Veracode Vulnerability DatabaseVERACODE:13358HistoryFeb 18, 2019 - 7:55 a.m.
Cross-site Scripting (XSS)
2019-02-1807:55:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
40.9%
github.com/ory/hydra is vulnerable to cross-site scripting (XSS). The vulnerability exists because it does not escape the error_hint parameter in the default error handler, allowing the attacker to inject arbitrary script through it.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/ory/hydra | eq | HEAD | |
| github.com/ory/hydra | le | 1.0.0-rc.2-oryOS.9 |
Related
cve
cve
CVE-2019-8400
2019-02-17 06:29:00
prion
prion
Cross site scripting
2019-02-17 06:29:00
nvd
nvd
CVE-2019-8400
2019-02-17 06:29:00
osv
osv
CVE-2019-8400
2019-02-17 06:29:00
cvelist
cvelist
CVE-2019-8400
2019-02-17 06:00:00