Whitesourcesoftware

whitesourcesoftware

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Whitesource

whitesource

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-5304 1Whitesourcesoftware 1Whitesource Nov 21, 2024 Jun 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creat...Show more The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also insert malicious data and false entries.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2020-5304

1Whitesourcesoftware

1Whitesource

Nov 21, 2024

Jun 8, 2020

N/A· v4

7.5 HIGH· v3

5.0 MEDIUM· v2

The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creat...Show more