NotCVE - vendor:"Forgerock" product:"Access Management" version:"6.0.0"

Page 2 of 6 results (0.002 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-37154

https://notcve.org/view.php?id=CVE-2021-37154

In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion. En ForgeRock Access Management (AM) versiones anteriores a 7.0.2, la implementación de SAML2 permite una inyección de XML, permitiendo potencialmente una aserción fraudulenta de SAML versión 2.0. • https://backstage.forgerock.com/knowledge/kb/article/a55763454 https://www.forgerock.com/platform/access-management • CWE-91: XML Injection (aka Blind XPath Injection) •

1 2