Platform
java
Component
smart-sso
Fixed in
2.1.1
2.1.2
CVE-2026-2971 describes a cross-site scripting (XSS) vulnerability discovered in Smart-SSO versions 2.1.0 through 2.1.1. This flaw allows attackers to inject malicious scripts into the application, potentially leading to session hijacking and data theft. The vulnerability resides within the login.html template, specifically in the handling of the redirectUri parameter. A public exploit is available, increasing the risk of exploitation.
Successful exploitation of CVE-2026-2971 enables an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can lead to a variety of malicious actions, including stealing session cookies, redirecting users to phishing sites, and defacing the application's interface. The attacker could potentially gain access to sensitive user data, such as credentials and personal information. Given the public availability of an exploit, this vulnerability presents a significant and immediate threat to organizations using affected versions of Smart-SSO.
CVE-2026-2971 has been publicly disclosed and a proof-of-concept exploit is available. This significantly increases the likelihood of exploitation. The vulnerability was reported on 2026-02-23. The vendor was contacted but did not respond. The EPSS score is likely medium to high due to the public exploit and lack of vendor response.
Organizations utilizing Smart-SSO for single sign-on (SSO) and identity management are at risk, particularly those relying on versions 2.1.0 through 2.1.1. Shared hosting environments where multiple tenants share the same Smart-SSO instance are especially vulnerable, as a compromise of one tenant could potentially impact others.
• java / server: Monitor application logs for unusual activity related to the login page, specifically looking for suspicious redirectUri parameters. Use a Java profiler to examine the handling of the redirectUri parameter in the login.html template.
• generic web: Use curl/wget to test the login endpoint with various redirectUri parameters. Inspect the response for any signs of script execution.
curl -d 'redirectUri=javascript:alert("XSS")' http://your-smart-sso-server/login
Disclosure
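The log-monitoring step above is easier to act on with a concrete classifier. The following is an added example written for this page, not code from the Smart-SSO project: it extracts the redirectUri value from access-log request lines, percent-decodes it (repeatedly, so double-encoded payloads are not missed) and labels values that carry a script scheme, HTML markup, a protocol-relative host or an absolute URL. The log lines, IP addresses and hostnames are constructed samples; the verdict labels are this example's own and can be mapped onto whatever alerting rule names you use. It needs Java 11 or later.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Scans access-log lines for redirectUri values that look like XSS or open-redirect attempts. */
public final class RedirectUriLogScan {

    // Captures the raw redirectUri value from a request line (up to the next '&', space or quote).
    private static final Pattern PARAM = Pattern.compile("redirectUri=([^&\\s\"]*)");
    // Characters that never belong in a legitimate redirect target once it has been decoded.
    private static final Pattern MARKUP = Pattern.compile("[<>\"']");

    /** Percent-decodes repeatedly (at most 3 rounds) so double-encoded payloads are caught. */
    static String decode(String value) {
        String current = value;
        for (int i = 0; i < 3; i++) {
            String next;
            try {
                next = URLDecoder.decode(current, StandardCharsets.UTF_8);
            } catch (IllegalArgumentException malformed) {
                break; // stray '%' sequence: keep what we have so far
            }
            if (next.equals(current)) {
                break; // nothing left to decode
            }
            current = next;
        }
        return current;
    }

    /** Returns "OK" or a short verdict label saying why the decoded value is suspicious. */
    static String classify(String decoded) {
        // Drop whitespace and control characters so "java\tscript:" is treated like "javascript:".
        String compact = decoded.toLowerCase(Locale.ROOT).replaceAll("[\\s\\p{Cntrl}]", "");
        if (compact.startsWith("javascript:") || compact.startsWith("data:") || compact.startsWith("vbscript:")) {
            return "SCRIPT_SCHEME";
        }
        if (MARKUP.matcher(decoded).find()) {
            return "MARKUP_INJECTION";
        }
        if (decoded.startsWith("//") || decoded.startsWith("/\\")) {
            return "PROTOCOL_RELATIVE";
        }
        if (compact.startsWith("http://") || compact.startsWith("https://")) {
            return "ABSOLUTE_URL"; // not an attack by itself; review against the redirect allow-list
        }
        return "OK";
    }

    /** Returns one "VERDICT decoded-value" entry per suspicious redirectUri found in the lines. */
    static List<String> scan(List<String> logLines) {
        List<String> findings = new ArrayList<>();
        for (String line : logLines) {
            Matcher m = PARAM.matcher(line);
            while (m.find()) {
                String decoded = decode(m.group(1));
                String verdict = classify(decoded);
                if (!"OK".equals(verdict)) {
                    findings.add(verdict + " " + decoded);
                }
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample log lines (not real traffic); addresses, hosts and paths are placeholders.
        List<String> sample = List.of(
            "10.0.0.5 - - [23/Feb/2026:10:00:01 +0000] \"GET /login?redirectUri=%2Fapp%2Fhome HTTP/1.1\" 200 1234",
            "10.0.0.9 - - [23/Feb/2026:10:00:02 +0000] \"GET /login?redirectUri=javascript%3Aalert%28%22XSS%22%29 HTTP/1.1\" 200 1234",
            "10.0.0.9 - - [23/Feb/2026:10:00:03 +0000] \"GET /login?redirectUri=%2522%253E%253Cscript%253E HTTP/1.1\" 200 1234",
            "10.0.0.7 - - [23/Feb/2026:10:00:04 +0000] \"GET /login?redirectUri=%2F%2Fattacker.invalid%2F HTTP/1.1\" 200 1234",
            "10.0.0.8 - - [23/Feb/2026:10:00:05 +0000] \"GET /login?redirectUri=https%3A%2F%2Fapp.example.com%2Fhome HTTP/1.1\" 200 1234"
        );
        for (String finding : scan(sample)) {
            System.out.println(finding);
        }
    }
}
```

Run it with `java RedirectUriLogScan.java`; the first sample line (a plain same-site path) produces no finding, the next four are reported as SCRIPT_SCHEME, MARKUP_INJECTION, PROTOCOL_RELATIVE and ABSOLUTE_URL respectively. A single occurrence of ABSOLUTE_URL is ordinary SSO traffic; the signal is in the SCRIPT_SCHEME and MARKUP_INJECTION verdicts and in any ABSOLUTE_URL host that is not one your deployment redirects to.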
Exploit status
EPSS
0.03% (8th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-2971 is to upgrade Smart-SSO to a version that addresses the vulnerability. Unfortunately, a fixed version is not explicitly mentioned in the provided data. As an immediate workaround, implement strict input validation and sanitization on the redirectUri parameter within the login.html template. This should include whitelisting allowed redirect URLs and escaping any user-supplied input. Consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious redirectUri values. Monitor application logs for any unusual activity related to the login page.
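The workaround above (allow-list the redirect targets, then escape whatever is rendered back into the page) looks like this in code. This is an added example written for this page, not the Smart-SSO project's own code: `RedirectUriPolicy.sanitize` accepts only a same-site path or an https URL to one of the hosts in `ALLOWED_HOSTS` (hypothetical values; substitute your own), falls back to `/` for anything else, and `hiddenField` shows the value being HTML-escaped before it is placed in a form field. Carrying redirectUri in a hidden field is an assumption made for the illustration, not a statement about how login.html is written. It needs Java 11 or later.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

/** Allow-list validation plus output encoding for a redirectUri parameter rendered into a login page. */
public final class RedirectUriPolicy {

    // Where to send the user when the supplied redirectUri is rejected.
    static final String DEFAULT_TARGET = "/";
    // Hosts that may receive post-login redirects (hypothetical values; use your own application hosts).
    static final Set<String> ALLOWED_HOSTS = Set.of("app.example.com", "portal.example.com");

    /**
     * Returns the redirectUri if it is a same-site path or an https URL to an allow-listed host,
     * otherwise DEFAULT_TARGET. Anything that does not parse as a URI is rejected as well.
     */
    static String sanitize(String raw) {
        if (raw == null || raw.isBlank()) {
            return DEFAULT_TARGET;
        }
        String candidate = raw.strip();
        // Control characters can split headers or hide a scheme ("java\tscript:").
        for (char c : candidate.toCharArray()) {
            if (c < 0x20 || c == 0x7f) {
                return DEFAULT_TARGET;
            }
        }
        URI uri;
        try {
            uri = new URI(candidate);
        } catch (URISyntaxException e) {
            return DEFAULT_TARGET; // '<', '"', spaces and similar are illegal in a URI
        }
        if (uri.getScheme() == null) {
            // Relative target: accept "/path" but not "//host" or "/\host" (protocol-relative).
            boolean localPath = candidate.startsWith("/")
                    && !candidate.startsWith("//")
                    && !candidate.startsWith("/\\");
            return localPath ? candidate : DEFAULT_TARGET;
        }
        String scheme = uri.getScheme().toLowerCase(Locale.ROOT);
        String host = uri.getHost();
        if (!"https".equals(scheme) || host == null || uri.getRawUserInfo() != null) {
            return DEFAULT_TARGET; // javascript:, data:, http:, and "https://good@evil" userinfo tricks
        }
        return ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT)) ? uri.toString() : DEFAULT_TARGET;
    }

    /** Escapes the five characters that matter in HTML text and attribute contexts. */
    static String htmlEscape(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#x27;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    /** Builds the form-field markup the hardened way: validate first, then encode for the attribute. */
    static String hiddenField(String rawRedirectUri) {
        return "<input type=\"hidden\" name=\"redirectUri\" value=\""
                + htmlEscape(sanitize(rawRedirectUri)) + "\">";
    }

    public static void main(String[] args) {
        // Constructed inputs: the page's own payload shape plus common open-redirect variants.
        String[] samples = {
            "/app/home",
            "https://app.example.com/home?next=1",
            "javascript:alert(\"XSS\")",
            "\"><script>alert(1)</script>",
            "//attacker.invalid/",
            "https://attacker.invalid/",
            "https://app.example.com@attacker.invalid/"
        };
        for (String s : samples) {
            System.out.printf("%-45s -> %s%n", s, hiddenField(s));
        }
    }
}
```

Only the first two samples survive into the field unchanged; the other five collapse to `value="/"`. Note that a servlet container has already percent-decoded `request.getParameter("redirectUri")` by the time it reaches code like this, so the check runs on the decoded value, and the escaping must be applied at the point of output, not stored back into the parameter.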
Update Smart-SSO to a version later than 2.1.1 that fixes the XSS (Cross-Site Scripting) vulnerability. If no such version is available, review and filter input to the redirectUri parameter to prevent injection of malicious code.
CVE-2026-2971 is a cross-site scripting (XSS) vulnerability affecting Smart-SSO versions 2.1.0-2.1.1, allowing attackers to inject malicious scripts.
You are affected if you are using Smart-SSO versions 2.1.0 or 2.1.1 and have not upgraded to a patched version.
Upgrade to a patched version of Smart-SSO. Until a patch is available, implement strict input validation on the redirectUri parameter and consider a WAF.
Yes, a public exploit exists, indicating a high likelihood of active exploitation.
The vendor did not respond to early disclosure attempts. Check the Smart-SSO website and security mailing lists for updates.