CVE-2019-12250 (identityserver4)

IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log.
Source: NIST
CVE-2019-12250 (identityserver4)