Description
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
Remediation
References
Related Vulnerabilities
Joomla Missing Authorization Vulnerability (CVE-2020-10239)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
Restlet Framework Deserialization of Untrusted Data Vulnerability (CVE-2013-4271)
WordPress Plugin YITH WooCommerce Ajax Search Security Bypass (1.6.9)