### Summary Strapi through 4.5.6 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. ### Details Strapi through 4.5.6 d ...
Continue Reading
May 01, 2023
### Summary Strapi through 4.5.6 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. ### Details Strapi through 4.5.6 d ...
Continue Reading
May 01, 2023
Grafana Labs reports: When setting up Grafana, there is an option to enable JWT authentication. Enabling this will allow users to authenticate towards the Grafana instance with a special header ...
Continue Reading
May 01, 2023
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it a ...
Continue Reading
May 01, 2023
A flaw was found in HashiCorp Consul, where it is vulnerable to a denial of service caused by improper input validation for the node or segment names. By sending a specially-crafted request, a remote, ...
Continue Reading
May 01, 2023
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it ...
Continue Reading
May 01, 2023
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can cra ...
Continue Reading
May 01, 2023
Back to Main
