Authentication Bypass
Discription

opensearch is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly handle white spaces in JWT roles which allow users to potentially claim roles that they are not assigned to by injecting and executing malicious codeRead More

Back to Main

Subscribe for the latest news: