cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-3872,https://securityvulnerability.io/vulnerability/CVE-2019-3872,,It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.,Red Hat,Picketlink,5.4,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2019-06-12T13:45:56.000Z,0
CVE-2019-3873,https://securityvulnerability.io/vulnerability/CVE-2019-3873,,It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.,Red Hat,Picketlink,6.4,MEDIUM,0.0008699999889358878,false,false,false,false,,false,false,2019-06-12T13:43:46.000Z,0