Max CVSS: 6.0, Min CVSS: 3.5, Total Count: 2
| ID | CVSS | Summary | Last (major) update | Published |
|---|---|---|---|---|
| CVE-2019-3888 | 5.0 | A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUE | 20-02-2022 - 06:11 | 12-06-2019 - 14:29 |
| CVE-2019-3872 | 3.5 | It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unau | 09-10-2019 - 23:49 | 12-06-2019 - 14:29 |
| CVE-2019-3873 | 6.0 | It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further a | 06-07-2019 - 19:15 | 12-06-2019 - 14:29 |