ReportizFlow
Filtered by vendor Internet2
Subscriptions
Filtered by product Grouper
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59714 | 1 Internet2 | 1 Grouper | 2025-09-19 | 6.5 Medium |
| In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs. | ||||
| CVE-2024-39848 | 1 Internet2 | 1 Grouper | 2025-03-27 | 9.1 Critical |
| Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Services" before 4.13.1. | ||||
| CVE-2018-19794 | 1 Internet2 | 1 Grouper | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter. | ||||
Page 1 of 1.