Vulnerabilities in OpenAM consortium

5 results

CVE-2019-5915—Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conducEPSS 1.1%CVE-2018-0696—OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the secEPSS 1.1%CVE-2023-22320HIGHOpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerEPSS 0.7%CVE-2022-31735—OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an EPSS 0.4%CVE-2025-8662LOWOpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a SAML IdP due to a tampered request.This isEPSS 0.3%