Cross-site scripting (XSS) vulnerability in the logon page in NYU OpenSSO Integration 2.1 and previous versions for Ex Libris Patron Directory Services (PDS) allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nyu opensso integration |