CNNVD-202511-064 Information
Nov 03, 2025
cve
CNNVD ID
CNNVD-202511-064
Related CVE
- CNNVD Published: 2025-11-03
Description (Chinese)
SailPoint IdentityIQ是SailPoint公司的一个利用人工智能和机器学习实现无缝自动化供应的完整解决方案。 SailPoint IdentityIQ存在安全漏洞,该漏洞源于某些IdentityIQ Web服务可通过URL路径设置Content-Type为HTML,导致浏览器解释未正确转义的内容,可能引发跨站脚本攻击。
Description (English)
SailPoint Identity IQ is a complete solution for SailPoint to achieve seamless automated supply using artificial intelligence and machine learning. There is a security loophole in the SailPoint Identity IQ, which stems from the fact that certain Identity IQ Web services can set the Enter-Type for HTML via the URL path, leading the browser to explain what was misdirected and could trigger a cross-site script attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
SailPoint
Published
2025-11-03
Last Modified
2026-02-24