📦 Syncope
by Apache
🔍 What is Syncope?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
Apache Syncope versions before 3.0.15 and 4.0.3 use a hard-coded AES encryption key for password storage when configured to encrypt passwords in the database. This allows attackers who gain database a...
This reflected XSS vulnerability in Apache Syncope's Enduser Login page allows attackers to steal user credentials by tricking legitimate users into clicking malicious links. It affects Apache Syncope...
This CVE describes an XXE vulnerability in Apache Syncope Console that allows administrators with Keymaster parameter privileges to inject malicious XML. Successful exploitation could lead to sensitiv...
This stored cross-site scripting (XSS) vulnerability in Apache Syncope allows attackers to inject malicious scripts through incomplete HTML tags that bypass sanitization. Both Syncope Console administ...
This vulnerability allows attackers to inject HTML tags into text fields in Apache Syncope's Console and Enduser interfaces. When exploited, it enables cross-site scripting (XSS) attacks that could co...