CVE-2018-19794

Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter.

Link	Resource
https://spaces.at.internet2.edu/display/Grouper/v2.4+issues	Vendor Advisory
https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html	Exploit Mailing List
https://bugs.internet2.edu/jira/browse/GRP-1838	Exploit Mailing List

Configuration 1

cpe:2.3:a:internet2:grouper:2.2:*:*:*:*:*:*:* cpe:2.3:a:internet2:grouper:2.3:*:*:*:*:*:*:*

---

Published : 2018-12-03 06:29

Updated : 2018-12-26 05:13

---

NVD link : CVE-2018-19794

Mitre link : CVE-2018-19794

No products.

CWE-79