History: Oct 11, 2019 - 5:29 p.m.

CVE-2019-3873

2019-10-11 17:29:24
redhat.com
access.redhat.com
9

EPSS: 0.001 (Low), percentile 37.0%

It was found that PicketLink, as shipped with JBoss Enterprise Application Platform 7.2, would accept an XInclude parameter in SAMLResponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
