Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Zendesk Subscribe
Filtered by product Samlr
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20857 1 Zendesk 1 Samlr 2019-08-01 5.0 MEDIUM 7.5 HIGH
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by <!---->. and then the attacker's domain name.