Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenIDM through 4.0.0 and 4.5.0 is vulnerable to reflected cross-site scripting (XSS) attacks within the Admin UI, as demonstrated by the _sortKeys parameter to the authzRoles script under managed/user/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ForgeRock OpenIDM Admin UI 跨站脚本漏洞
Vulnerability Description
ForgeRock OpenIDM是美国ForgeRock公司的一套可扩展的用于管理身份生命周期和供应问题的身份认证管理工具。Admin UI是其中的一个后台管理界面。 ForgeRock OpenIDM 4.0.0及之前的版本和4.5.0版本中的Admin UI存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A