Unrated severityNVD Advisory· Published Mar 22, 2021· Updated Aug 3, 2024
CVE-2021-28963
CVE-2021-28963
Description
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Shibboleth/Shibboleth Service Providerdescription
- Range: <3.2.1
Patches
Vulnerability mechanics
References
5- bugs.debian.org/985405mitrex_refsource_MISC
- git.shibboleth.net/view/mitrex_refsource_MISC
- issues.shibboleth.net/jira/browse/SSPCPP-922mitrex_refsource_MISC
- shibboleth.net/community/advisories/secadv_20210317.txtmitrex_refsource_MISC
- www.debian.org/security/2021/dsa-4872mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.