Vulnerability Details CVE-2019-13564
XSS exists in Ping Identity Agentless Integration Kit before 1.5.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/154274/Ping-Identity-Agentless-Integration-Kit-Cross-Site-Scripting.html
- http://seclists.org/fulldisclosure/2019/Aug/33
- https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190305-01_Ping_Identity_Agentless_Integration_Kit_Reflected_XSS
- https://support.pingidentity.com/s/document-item?bundleId=integrations&topicId=Integration_Kits%2FAgentless%2FagentlessIK_c_changelog.html
- http://packetstormsecurity.com/files/154274/Ping-Identity-Agentless-Integration-Kit-Cross-Site-Scripting.html
- http://seclists.org/fulldisclosure/2019/Aug/33
- https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190305-01_Ping_Identity_Agentless_Integration_Kit_Reflected_XSS
- https://support.pingidentity.com/s/document-item?bundleId=integrations&topicId=Integration_Kits%2FAgentless%2FagentlessIK_c_changelog.html
Products affected by CVE-2019-13564
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.0
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.1
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.2
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.2.1
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.3
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.3.1
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.3.2
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.3.3
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.4
-
cpe:2.3:a:pingidentity:agentless_integration_kit:1.4.1