CVE-2012-5352

EPSS 0.23% · P46 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5352

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Java Open Single Sign-On Project Home (JOSSO) allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Java Open Single Sign-On Project Home 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Java Open Single Sign-On Project Home (JOSSO)中存在漏洞。远程攻击者可利用该漏洞通过缺少签名元素的SAML声明，伪造消息并绕过身份验证，又名‘签名排除攻击’。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-5352

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-5352

Please Login to view more intelligence information

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=865169x_refsource_MISC
🔗 http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdfx_refsource_MISC
🔗 http://www.securityfocus.com/bid/55892vdb-entryx_refsource_BID
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/79241vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2012-5352

Same Patch Batch · n/a · 2012-10-09 · 63 CVEs total

CVE-2012-5348		MangosWeb Enhanced ‘Login’SQL注入漏洞
CVE-2012-4003		GLPI-PROJECT GLPI 多个跨站脚本漏洞
CVE-2012-4452		Oracle MySQL 权限许可和访问控制问题漏洞
CVE-2012-4418		Apache Axis2 XML Signature Wrapping 安全漏洞
CVE-2012-4399		CakePHP 权限许可和访问控制漏洞
CVE-2012-2520		InfoPath 2013跨站脚本漏洞
CVE-2012-0182		Microsoft Word 代码注入漏洞
CVE-2012-3436		OpenTTD Water Clearing 拒绝服务漏洞
CVE-2012-5350		WordPress Pay With Tweet插件SQL注入漏洞
CVE-2012-5349		WordPress ‘Pay With Tweet’插件多个跨站脚本漏洞
CVE-2012-2528		Microsoft Word 资源管理错误漏洞
CVE-2012-5347		TinyWebGallery多个远程命令执行漏洞
CVE-2012-5346		WordPress WP Live.php插件 ‘s’ 参数跨站脚本漏洞
CVE-2012-5345		IPtools远程缓冲区溢出漏洞
CVE-2012-5344		IpTools Tiny TCP/IP servers目录遍历漏洞
CVE-2012-5343		Limny ‘login.php’ 跨站脚本漏洞
CVE-2012-5342		SenseSites CommonSense CMS 多个SQL注入漏洞
CVE-2012-5341		Otterware StatIt 多个跨站脚本漏洞
CVE-2012-4457		OpenStack Keystone 令牌验证安全绕过漏洞
CVE-2012-4456		OpenStack Keystone Essex 授权问题漏洞

Showing top 20 of 63 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-5352

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-5352

I. Basic Information for CVE-2012-5352

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-5352

III. Intelligence Information for CVE-2012-5352

Same Patch Batch · n/a · 2012-10-09 · 63 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-5352

Leave a comment