syncope-core-persistence-jpa is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization on Connector names, Report names, and AnyTypeClass keys, allowing persistent XSS attacks.
CPE | Name | Operator | Version |
---|---|---|---|
apache syncope core persistence jpa | le | 2.1.1 | |
apache syncope core persistence jpa | le | 2.0.10 |