VYPR
Unrated severityNVD Advisory· Published Mar 31, 2020· Updated Aug 4, 2024

CVE-2019-10180

CVE-2019-10180

Description

A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service (TPS) did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting (XSS) vulnerability. An attacker able to modify the parameters of any token could use this flaw to trick an authenticated user into executing arbitrary JavaScript code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Pki Core Project/Pki Corellm-fuzzy2 versions
    10.x.x+ 1 more
    • (no CPE)range: 10.x.x
    • (no CPE)range: all pki-core 10.x.x versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.