Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-32792

Related Vulnerabilities: CVE-2021-32792  

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when using `OIDCPreservePost On`.

Source

Description

The MITRE CVE dictionary describes this issue as:

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when using `OIDCPreservePost On`.

Additional Information

  • Bugzilla 1986397: CVE-2021-32792 mod_auth_openidc: XSS when using OIDCPreservePost On
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • FAQ: Frequently asked questions about CVE-2021-32792

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started