Identityserver Identityserver3 — known CVE vulnerabilities
Every CVE whose affected-product data names Identityserver Identityserver3, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2017-12677 — CVSS 6.1 (medium): IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow…