Cross-Site Scripting Vulnerabilities in Shibboleth by Internet2 Middleware Initiative
CVE-2009-3300

Currently unrated

Key Information:

Vendor

Internet2

Status
Identity Provider
Service Provider
Vendor
CVE Published:
6 November 2009

What is CVE-2009-3300?

Shibboleth by Internet2 Middleware Initiative contains multiple vulnerabilities that allow remote attackers to inject arbitrary web scripts or HTML. These vulnerabilities stem from improper handling of URLs encountered in redirections and appear in automatically generated forms. Attackers can exploit these weaknesses to execute malicious scripts within the user's browser, potentially compromising sensitive information and user interactions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.debian.org/security/2009/dsa-1947
vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/37237
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/54140
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.