2.3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-21	CVE-2019-12250	Cross-site Scripting vulnerability in Identityserver Identityserver4 IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. network low complexity identityserver CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.