Return to site
Return to site

CVE-2020-5497 – MITREid Connect XSS

CVE-2020-5497 – MITREid Connect XSS



















mitreid connect, mitreid connect spring boot, mitreid connect tutorial, mitreid connect docker, mitreid connect example, mitreid connect server, mitreid connect maven, mitreid connect documentation, mitreid connect client, mitreid connect ldap



CVE-2020-5497 The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being.... A name such as: Testalert(1) would also work; it is included in the page when menus are created by *topbar.tag*:
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save