Page 10 of 46 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12346 – SAML Single Sign On – SAML SSO Login < 4.8.73 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-12346
In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post. En el plugin Single Sign On de miniOrange SAML SP anterior a versión 4.8.73 para WordPress, el Endpoint Login de SAML es vulnerable a ataques XSS por medio de una publicación XML SAMLResponse especialmente creada. • https://wpvulndb.com/vulnerabilities/9397 https://zeroauth.ltd/blog/2019/05/27/cve-2019-12346-miniorange-saml-sp-single-sign-on-wordpress-plugin-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •