Maven package
org.wso2.identity.apps/authentication-portal
pkg:maven/org.wso2.identity.apps/authentication-portal
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-6429 | — | < 2.4.4 | 2.4.4 | Sep 23, 2025 | A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiti | ||
| CVE-2023-6837 | Hig | 8.5 | < 1.6.179.1 | 1.6.179.1 | Dec 15, 2023 | Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: * An IDP configured for federated authentication and JIT pr |
- CVE-2024-6429Sep 23, 2025affected < 2.4.4fixed 2.4.4
A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiti
- affected < 1.6.179.1fixed 1.6.179.1
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: * An IDP configured for federated authentication and JIT pr