CVE-2020-5497

Posted on 2020년 1월 4일2020년 1월 4일 by admin

CVE-2020-5497

The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be exploited to execute arbitrary JavaScript.

Source: CVE-2020-5497

답글 남기기 응답 취소