CVE-2021-28290 · Vexday

CVE-2021-28290

EPSS 0.6%

A cross-site scripting (XSS) vulnerability in Skoruba IdentityServer4.Admin before 2.0.0 via unencoded value passed to the data-secret-value parameter.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/skoruba/IdentityServer4.Admin/issues/813