Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter.
References
Link | Resource |
---|---|
https://bugs.internet2.edu/jira/browse/GRP-1838 | Exploit Mailing List Vendor Advisory |
https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html | Exploit Mailing List Patch Vendor Advisory |
https://spaces.at.internet2.edu/display/Grouper/v2.4+issues | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-12-03T06:00:00
Updated: 2018-12-03T06:57:01
Reserved: 2018-12-03T00:00:00
Link: CVE-2018-19794
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-03T06:29:00.557
Modified: 2018-12-26T17:13:20.117
Link: CVE-2018-19794
JSON object: View
Redhat Information
No data.
CWE