VYPR
Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 6, 2024

CVE-2015-5216

CVE-2015-5216

Description

The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via an HTTP response.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ipsilon/Ipsiloninferred2 versions
    >=0.1.0,<1.0.1+ 1 more
    • (no CPE)range: >=0.1.0,<1.0.1
    • (no CPE)range: <1.0.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.