VYPR

Identityserver4

by Duendearchive

Source repositories

CVEs (1)

  • CVE-2018-8899MedMar 22, 2018
    risk 0.00cvss 6.1epss 0.01

    IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations.