Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. A remote unauthenticated malicious attacker could craft a URL that contains a SCIM filter that contains malicious JavaScript, which older browsers may execute.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cloudfoundry.org/blog/cve-2019-11274 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: pivotal
Published: 2019-08-09T19:22:17.731034Z
Updated: 2024-09-16T20:12:34.197Z
Reserved: 2019-04-18T00:00:00
Link: CVE-2019-11274
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-08-09T20:15:11.207
Modified: 2024-11-21T04:20:49.930
Link: CVE-2019-11274
Redhat
No data.