Vulnerabilities > Ipsilon Project > Ipsilon > 1.1.0

DATE CVE VULNERABILITY TITLE RISK
2017-07-12 CVE-2016-8638 Session Fixation vulnerability in Ipsilon Project Ipsilon
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users.
network
low complexity
ipsilon-project CWE-384
critical
 9.1
9.1
2015-11-17 CVE-2015-5301 Permissions, Privileges, and Access Controls vulnerability in Ipsilon Project Ipsilon
providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP).
network
low complexity
ipsilon-project CWE-264
5.5
5.5