Every CVE whose affected-product data names Mitreid Connect, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-26715 — CVSS 9.1 (critical): The OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Server Side Request Forgery (SSRF) vulnerability. The…
CVE-2021-27582 — CVSS 9.1 (critical): org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3…
CVE-2020-5497 — CVSS 6.1 (medium): The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page…