simplesamlphp/simplesamlphp is vulnerable to cross-site scripting (XSS). The vulnerability exists through the unsanitized value of $this->text
in Utils/EMail.php
, which is subsequently rendered and executed when a browser loads www/errorreport.php
.
CPE | Name | Operator | Version |
---|---|---|---|
simplesamlphp/simplesamlphp | le | 1.18.3 |