MEDIUM🇵🇱 Wersja polska

CVE-2019-19381

CVSS 6.1v3.1pub. 2020-03-11upd. 2024-11-21

oauth/oauth2/v1/saml/ in Abacus OAuth Login 2019_01_r4_20191021_0000 before prior to R4 (20.11.2019 Hotfix) allows Reflected Cross Site Scripting (XSS) via an error message.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Abacus

    APP
    Abacus
    2019-11-20
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2022-1065HIGH8.1ten sam vendor

A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second ...