Skip to content

Instantly share code, notes, and snippets.

@gajendkmr
gajendkmr / gist:261f45e06c41656131a651c920c7f406
Created Aug 28, 2020
Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS
View gist:261f45e06c41656131a651c920c7f406
Vulnerability Description
Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS. The vulnerability affects versions 6.5.0.4, 6.0.0.6.
The vulnerability is responsibly disclosed to the vendor and fixed in the latest version. The CVE request is filed after consent from the vendor.
Vulnerability Type
Cross Site Scripting (XSS)
Affected Vendor