CVE-2019-17557 is a vulnerability in Apache Syncope
Published on May 4, 2020

It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code from URL query string.

NVD

Products Associated with CVE-2019-17557

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-17557 are published in Apache Syncope:

Apache Syncope

Exploit Probability

EPSS

1.19%

Percentile

78.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-17557 is a vulnerability in Apache SyncopePublished on May 4, 2020

Products Associated with CVE-2019-17557

Exploit Probability

CVE-2019-17557 is a vulnerability in Apache Syncope
Published on May 4, 2020