Lucene search
Veracode Vulnerability DatabaseVERACODE:7692HistoryNov 07, 2018 - 6:02 a.m.
Cross-site Scripting (XSS)
2018-11-0706:02:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.001 Low
EPSS
Percentile
40.0%
syncope-core-persistence-jpa is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization on Connector names, Report names, and AnyTypeClass keys, allowing persistent XSS attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache syncope core persistence jpa | le | 2.1.1 | |
| apache syncope core persistence jpa | le | 2.0.10 |
Related
nvd
nvd
CVE-2018-17184
2018-11-06 19:29:00
cvelist
cvelist
CVE-2018-17184
2018-11-06 00:00:00
github
github
Improper Control of Interaction Frequency in Apache syncope-core
2018-11-06 23:16:18
cve
cve
CVE-2018-17184
2018-11-06 19:29:00
osv
osv
Improper Control of Interaction Frequency in Apache syncope-core
2018-11-06 23:16:18
CVE-2018-17184
2018-11-06 19:29:00
prion
prion
Hardcoded credentials
2018-11-06 19:29:00