Cross-site Scripting (XSS)

2017-05-3006:09:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

50.3%

JSON

doorkeeper is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary javascript via the authorizations and applications view forms.

CPENameOperatorVersion
doorkeeperle4.2.5

CPE	Name	Operator	Version
	doorkeeper	le	4.2.5

References

github.com/doorkeeper-gem/doorkeeper/issues/969

github.com/doorkeeper-gem/doorkeeper/pull/970

0.001 Low

EPSS

Percentile

50.3%

JSON

Related for VERACODE:4325