EPSS
Percentile
33.8%
cloudfoundry-identity-scim is vulnerable to cross-site scripting (XSS). The vulnerability exists through the lack of sanitization of filter in the returned ScimException.
filter
ScimException
github.com/cloudfoundry/uaa/commit/a34f55fc97a81966faf21e3ae404ec24f1f31cf7
www.cloudfoundry.org/blog/cve-2019-11274
www.cloudfoundry.org/blog/cve-2019-11274/