High severity7.5NVD Advisory· Published Jun 8, 2020· Updated Jun 17, 2026
CVE-2020-5304
CVE-2020-5304
Description
The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also insert malicious data and false entries.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- WhiteSource/Application Vulnerability Managementdescription
- Range: <20.4.1
- Range: <20.4.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.