The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser.
                
            Metrics
Affected Vendors & Products
Advisories
    | Source | ID | Title | 
|---|---|---|
|  Debian DLA | DLA-1273-1 | simplesamlphp security update | 
|  Debian DSA | DSA-4127-1 | simplesamlphp security update | 
|  EUVD | EUVD-2022-3835 | The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser. | 
|  Github GHSA | GHSA-fv7m-wc3v-wr3w | SimpleSAMLphp XSS Vulnerability | 
Fixes
    Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
        History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T21:13:48.638Z
Reserved: 2018-02-02T00:00:00
Link: CVE-2017-18121
 Vulnrichment
                        Vulnrichment
                    No data.
 NVD
                        NVD
                    Status : Modified
Published: 2018-02-02T15:29:00.207
Modified: 2024-11-21T03:19:23.513
Link: CVE-2017-18121
 Redhat
                        Redhat
                    No data.
 OpenCVE Enrichment
                        OpenCVE Enrichment
                    No data.