Description

A potential JSON injection attack vector exists in PingFederate REST API data stores using the POST method and a JSON request body.

Related CPE's

Could not find any relations

References

https://docs.pingidentity.com/r/en-us/pingfederate-120/lwu1707324350083

Weaknesses

[email protected]

Secondary
CWE-94

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

3.5 · Low

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-07-09T23:15:10.397

3 months ago

Last modified

2024-07-11T13:05:54.930

3 months ago