a466350665 Smart-SSO Login login.html cross site scripting
Platform
java
Component
smart-sso
Opgelost in
2.1.1
2.1.2
CVE-2026-2971 describes a cross-site scripting (XSS) vulnerability discovered in Smart-SSO versions 2.1.0 through 2.1.1. This flaw allows attackers to inject malicious scripts into the application, potentially leading to session hijacking and data theft. The vulnerability resides within the login.html template, specifically in the handling of the redirectUri parameter. A public exploit is available, increasing the risk of exploitation.
Detecteer deze CVE in je project
Upload je pom.xml-bestand en we vertellen je direct of je getroffen bent.
Impact en Aanvalsscenarioswordt vertaald…
Successful exploitation of CVE-2026-2971 enables an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can lead to a variety of malicious actions, including stealing session cookies, redirecting users to phishing sites, and defacing the application's interface. The attacker could potentially gain access to sensitive user data, such as credentials and personal information. Given the public availability of an exploit, this vulnerability presents a significant and immediate threat to organizations using affected versions of Smart-SSO.
Uitbuitingscontextwordt vertaald…
CVE-2026-2971 has been publicly disclosed and a proof-of-concept exploit is available. This significantly increases the likelihood of exploitation. The vulnerability was reported on 2026-02-23. The vendor was contacted but did not respond. The EPSS score is likely medium to high due to the public exploit and lack of vendor response.
Wie Loopt Risicowordt vertaald…
Organizations utilizing Smart-SSO for single sign-on (SSO) and identity management are at risk, particularly those relying on versions 2.1.0 through 2.1.1. Shared hosting environments where multiple tenants share the same Smart-SSO instance are especially vulnerable, as a compromise of one tenant could potentially impact others.
Detectiestappenwordt vertaald…
• java / server: Monitor application logs for unusual activity related to the login page, specifically looking for suspicious redirectUri parameters. Use a Java profiler to examine the handling of the redirectUri parameter in the login.html template. • generic web: Use curl/wget to test the login endpoint with various redirectUri parameters. Inspect the response for any signs of script execution.
curl -d 'redirectUri=javascript:alert("XSS")' http://your-smart-sso-server/loginAanvalstijdlijn
- Disclosure
disclosure
Dreigingsinformatie
Exploit Status
EPSS
0.03% (8% percentiel)
CISA SSVC
CVSS-vector
Wat betekenen deze metrics?
- Attack Vector
- Netwerk — op afstand uitbuitbaar via internet. Geen fysieke of lokale toegang vereist.
- Attack Complexity
- Laag — geen speciale voorwaarden vereist. Betrouwbaar uitbuitbaar.
- Privileges Required
- Geen — geen authenticatie vereist om te exploiteren.
- User Interaction
- Vereist — slachtoffer moet een bestand openen, op een link klikken of een pagina bezoeken.
- Scope
- Ongewijzigd — impact beperkt tot het kwetsbare component.
- Confidentiality
- Geen — geen vertrouwelijkheidsimpact.
- Integrity
- Laag — aanvaller kan enkele gegevens met beperkte omvang aanpassen.
- Availability
- Geen — geen beschikbaarheidsimpact.
Getroffen Software
Zwakheidsclassificatie (CWE)
Tijdlijn
- Gereserveerd
- Gepubliceerd
- EPSS bijgewerkt
Mitigatie en Workaroundswordt vertaald…
The primary mitigation for CVE-2026-2971 is to upgrade Smart-SSO to a version that addresses the vulnerability. Unfortunately, a fixed version is not explicitly mentioned in the provided data. As an immediate workaround, implement strict input validation and sanitization on the redirectUri parameter within the login.html template. This should include whitelisting allowed redirect URLs and escaping any user-supplied input. Consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious redirectUri values. Monitor application logs for any unusual activity related to the login page.
Hoe te verhelpen
Werk Smart-SSO bij naar een versie later dan 2.1.1 die de XSS-kwetsbaarheid verhelpt. Indien er geen versie beschikbaar is, controleer en filter dan de invoer van de redirectUri-parameter om de injectie van kwaadaardige code te voorkomen.
CVE Beveiligingsnieuwsbrief
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
Veelgestelde vragenwordt vertaald…
What is CVE-2026-2971 — XSS in Smart-SSO?
CVE-2026-2971 is a cross-site scripting (XSS) vulnerability affecting Smart-SSO versions 2.1.0-2.1.1, allowing attackers to inject malicious scripts.
Am I affected by CVE-2026-2971 in Smart-SSO?
You are affected if you are using Smart-SSO versions 2.1.0 or 2.1.1 and have not upgraded to a patched version.
How do I fix CVE-2026-2971 in Smart-SSO?
Upgrade to a patched version of Smart-SSO. Until a patch is available, implement strict input validation on the redirectUri parameter and consider a WAF.
Is CVE-2026-2971 being actively exploited?
Yes, a public exploit exists, indicating a high likelihood of active exploitation.
Where can I find the official Smart-SSO advisory for CVE-2026-2971?
The vendor did not respond to early disclosure attempts. Check the Smart-SSO website and security mailing lists for updates.
Is jouw project getroffen?
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.