Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS. The vulnerability affects versions 6.5.0.4, 6.0.0.6.
References
Link | Resource |
---|---|
https://gist.github.com/gajendkmr/261f45e06c41656131a651c920c7f406 | Third Party Advisory |
https://www.nccgroup.com/us/our-research/?research=Technical+advisories | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-08-31 16:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-17465
Mitre link : CVE-2020-17465
CVE.ORG link : CVE-2020-17465
JSON object : View
Products Affected
forgerock
- identity_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')