RSS   Vulnerabilities for 'Opensso integration'   RSS

2015-01-02
 
CVE-2014-7294

CWE-Other
 

 
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

 
 
CVE-2014-7293

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to inject arbitrary web script or HTML via the url parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top