Количество 4
Количество 4
CVE-2019-3873
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
CVE-2019-3873
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
GHSA-59jq-66fv-jgww
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
BDU:2020-04802
Уязвимость компонента Picketlink платформы JBoss Enterprise Application Platform, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-3873 It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. | CVSS3: 6.4 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-3873 It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. | CVSS3: 6.4 | 0% Низкий | больше 6 лет назад |
| GHSA-59jq-66fv-jgww It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. | CVSS3: 9 | 0% Низкий | больше 3 лет назад |
 | BDU:2020-04802 Уязвимость компонента Picketlink платформы JBoss Enterprise Application Platform, позволяющая нарушителю осуществлять межсайтовые сценарные атаки | CVSS3: 9 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу