Site icon API Security Blog

Information Disclosure

github.com/dapr/dapr is vulnerable to Information Disclosure. The vulnerability is caused due to the gRPC proxy sending the invoker app's token instead of the invoked app's token. This allows an attacker to gain access to the invoker app's token, compromising security and authentication…Read More

Exit mobile version