Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ping Identity Self-Service Account Manager SSAMController.java cross site scripting
Vulnerability Description
A vulnerability, which was classified as problematic, has been found in Ping Identity Self-Service Account Manager 1.1.2. Affected by this issue is some unknown functionality of the file src/main/java/com/unboundid/webapp/ssam/SSAMController.java. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.1.3 is able to address this issue. The patch is identified as f64b10d63bb19ca2228b0c2d561a1a6e5a3bf251. It is recommended to upgrade the affected component. VDB-225362 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Ping Identity Self-Service Account Manager 跨站脚本漏洞
Vulnerability Description
Ping Identity Self-Service Account Manager(Ping Identity SSAM)是美国Ping Identity公司的一个 Java web 应用程序。使用户可以执行自己的帐户注册、配置文件更新和密码更改。 Ping Identity Self-Service Account Manager 1.1.2版本存在跨站脚本漏洞,该漏洞源于存在跨站脚本(XSS)漏洞。
CVSS Information
N/A
Vulnerability Type
N/A