VYPR

Maven package

org.wso2.identity.apps/authentication-portal

pkg:maven/org.wso2.identity.apps/authentication-portal

Vulnerabilities (2)

  • CVE-2024-6429Sep 23, 2025
    affected < 2.4.4fixed 2.4.4

    A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiti

  • CVE-2023-6837HigDec 15, 2023
    affected < 1.6.179.1fixed 1.6.179.1

    Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: * An IDP configured for federated authentication and JIT pr