Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 through 4.14.8 before 4.14.9, 5.0.0 through 5.11.4 before 5.11.5, and 6.0.0 through 6.19.0 before 6.20.0. The full product names are Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Data Center & Server (Kantega SSO Enterprise), Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Data Center & Server (Kantega SSO Enterprise), and Kantega SAML SSO OIDC Kerberos Single Sign-on for FeCru Server (Kantega SSO Enterprise). (Here, FeCru refers to the Atlassian Fisheye and Crucible products running together.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kantega SAML SSO OIDC Kerberos 安全漏洞
Vulnerability Description
Kantega SAML SSO OIDC Kerberos是Kantega公司的一个身份验证插件。 Kantega SAML SSO OIDC Kerberos 4.4.2 到 4.14.8、5.0.0 到 5.11.4 和 6.0.0 到 6.19.0版本存在安全漏洞,该漏洞源于错误的 URL 参数清理允许 HTML 注入到 SAML 登录页面。
CVSS Information
N/A
Vulnerability Type
N/A