Vulnerabilities > Miniorange > Saml

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-36785 Cross-site Scripting vulnerability in Miniorange Saml
The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows XSS.
network
low complexity
miniorange CWE-79
5.4
5.4
2021-08-13 CVE-2021-36786 Insecure Storage of Sensitive Information vulnerability in Miniorange Saml
The miniorange_saml (aka Miniorange Saml) extension before 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys.
network
low complexity
miniorange CWE-922
7.5
7.5