Unrated severity · NVD Advisory · Published Jun 12, 2019 · Updated Aug 4, 2024
CVE-2019-3872
Description
It was found that a SAMLRequest containing a script could be processed by PicketLink versions shipped in JBoss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.
Affected products (2)
- Red Hat/picketlink v5 · Range: as shipped with JBoss Enterprise Application Platform 7.2.x and 7.1.x
References (2)
- www.securityfocus.com/bid/108732 (mitre; vdb-entry, x_refsource_BID)
- bugzilla.redhat.com/show_bug.cgi (mitre; x_refsource_CONFIRM)