Vulnerabilities > Forgerock > Access Management > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-14 | CVE-2022-3748 | Unspecified vulnerability in Forgerock Access Management Improper Authorization vulnerability in ForgeRock Inc. | 9.8 |
2021-08-25 | CVE-2021-37154 | XML Injection (aka Blind XPath Injection) vulnerability in Forgerock Access Management In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion. | 10.0 |