Site icon API Security Blog

Authentication Bypass

opensearch is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly handle white spaces in JWT roles which allow users to potentially claim roles that they are not assigned to by injecting and executing malicious codeRead More

Exit mobile version