Authentication Bypass
Discription
authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by code_verifier step during the OAUTH initialisation flow. Authentik improperly accepts the token request when code_verifier is omitted, even when the flow was started with a code_challenge. An attacker can exploit this flaw to bypass the single sign-on provider, bypassing…Read More
References
Back to Main