Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-22477

A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only.

Published

2024-07-09T23:15:10.827

Last Modified

2024-11-21T08:56:21.077

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 1.8 (LOW)

Weaknesses
  • Type: Secondary
    CWE-79
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application pingidentity pingfederate ≤ 10.3.13 Yes
Application pingidentity pingfederate ≤ 11.0.9 Yes
Application pingidentity pingfederate ≤ 11.1.9 Yes
Application pingidentity pingfederate ≤ 11.2.8 Yes
Application pingidentity pingfederate ≤ 11.3.4 Yes
Application pingidentity pingfederate 12.0.0 Yes
References