Security Advisory

CVE-2026-29191

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-07 15:07:02

Last updated 2026-03-09 20:44:25

Assigner GitHub_M

State PUBLISHED

Description

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadels login V2 interface was discovered that allowed a possible account takeover via XSS in /saml-post Endpoint. This issue has been patched in version 4.12.0.

← Browse all CVEs View on cve.org ↗