Lucene search
PRIOn knowledge basePRION:CVE-2019-17557HistoryMay 04, 2020 - 1:15 p.m.
Design/Logic Flaw
2020-05-0413:15:00
PRIOn knowledge base
www.prio-n.com
3
It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code from URL query string.
References
Related
nvd
nvd
CVE-2019-17557
2020-05-04 13:15:11
veracode
veracode
Cross-Site Scripting (XSS)
2020-05-04 05:14:56
github
github
Cross-site scripting in Apache Syncome EndUser
2022-01-06 19:38:07
osv
osv
Cross-site scripting in Apache Syncome EndUser
2022-01-06 19:38:07
CVE-2019-17557
2020-05-04 13:15:00
cve
cve
CVE-2019-17557
2020-05-04 13:15:11
cvelist
cvelist
CVE-2019-17557
2020-05-04 12:27:31