Lucene search
Veracode Vulnerability DatabaseVERACODE:5656HistoryJan 05, 2018 - 6:43 a.m.
Cross-site Scripting (XSS)
2018-01-0506:43:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
EPSS
0.001
Percentile
40.7%
cloudfoundry-identity-uaa is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary Javascript through the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint.
Related
github
github
cve
cve
CVE-2018-1190
2018-01-04 06:29:00
cloudfoundry
cloudfoundry
osv
osv
Pivotal Cloud Foundry UAA XSS on UAA OpenID Connect check session iframe endpoint
2022-05-13 01:10:01
CVE-2018-1190
2018-01-04 06:29:00
prion
prion
Cross site scripting
2018-01-04 06:29:00
cvelist
cvelist
CVE-2018-1190
2018-01-04 06:00:00
nvd
nvd
CVE-2018-1190
2018-01-04 06:29:00