cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-3872,https://securityvulnerability.io/vulnerability/CVE-2019-3872,Cross-Site Scripting Vulnerability in JBoss Application Platform by Red Hat,"A security flaw exists in the Picketlink components of JBoss Application Platform versions 7.2.x and 7.1.x. This vulnerability arises from the improper handling of SAMLRequests containing scripts. An attacker may exploit this flaw by injecting malicious scripts, potentially allowing unauthorized access to sensitive information or enabling further attacks against the application. It is crucial for users of these JBoss versions to take immediate action to mitigate the associated risks.",Red Hat,Picketlink,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2019-06-12T13:45:56.000Z,0
CVE-2019-3873,https://securityvulnerability.io/vulnerability/CVE-2019-3873,Cross-Site Scripting Vulnerability in JBoss Enterprise Application Platform 7.2,"A vulnerability exists in Picketlink within JBoss Enterprise Application Platform 7.2 that allows an attacker to exploit an xinclude parameter in SAMLresponse XML. By sending a specially crafted URL, the attacker could leverage this vulnerability to execute arbitrary scripts in the context of the user's session, potentially leading to further attacks on the application or sensitive data exposure.",Red Hat,Picketlink,6.4,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2019-06-12T13:43:46.000Z,0