baigoStudio/baigoSSO

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases6

Frequency6 months 1 week

Last Release about 4 years ago

Stars314

单点登录系统

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-20584 ↗	Jul 8, 2021Thursday, 8 July 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
CVE-2019-10015 ↗	Mar 24, 2019Sunday, 24 March 2019, 22:29	—	6.5 MEDIUM
baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file.