CVE-2012-0908
Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attackers to inject arbitrary web script or HTML via the link_href parameter.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
simplesamlphp | simplesamlphp | 𝑥 ≤ 1.8.1 |
simplesamlphp | simplesamlphp | 0.4 |
simplesamlphp | simplesamlphp | 0.5 |
simplesamlphp | simplesamlphp | 1.0 |
simplesamlphp | simplesamlphp | 1.1 |
simplesamlphp | simplesamlphp | 1.2 |
simplesamlphp | simplesamlphp | 1.3 |
simplesamlphp | simplesamlphp | 1.4 |
simplesamlphp | simplesamlphp | 1.5 |
simplesamlphp | simplesamlphp | 1.5.1 |
simplesamlphp | simplesamlphp | 1.6 |
simplesamlphp | simplesamlphp | 1.6.1 |
simplesamlphp | simplesamlphp | 1.6.2 |
simplesamlphp | simplesamlphp | 1.6.3 |
simplesamlphp | simplesamlphp | 1.7 |
simplesamlphp | simplesamlphp | 1.8 |
Ubuntu Releases
Common Weakness Enumeration