Shibboleth Service Provider prior to 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
shibboleth service provider |
||
debian debian linux 10.0 |