Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Red Hat JBoss Enterprise Application Platform Picketlink 跨站脚本漏洞
Vulnerability Description
Red Hat JBoss Enterprise Application Platform(EAP)和Picketlink都是美国红帽(Red Hat)公司的产品。Red Hat JBoss Enterprise Application Platform是一套开源的、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。Picketlink是一个针对Java应用进行安全和身份认证管理的项目。 Red Hat JBoss EAP 7.2.x版本和7.1.x版本中的Picketlin
CVSS Information
N/A
Vulnerability Type
N/A