Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 6, 2024
CVE-2015-5216
CVE-2015-5216
Description
The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via an HTTP response.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.openwall.com/lists/oss-security/2015/10/27/8mitrex_refsource_MISC
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- pagure.io/ipsilon/a503aa9c2a30a74e709d1c88099befd50fb2eb16mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.