org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. This ari ...
Continue Reading
May 22, 2025
OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT...Read More ...
Continue Reading
May 22, 2025
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's...Read More ...
Continue Reading
May 22, 2025
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's...Read More ...
Continue Reading
May 22, 2025
The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attacke ...
Continue Reading
May 22, 2025
A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users ...
Continue Reading
May 22, 2025
A reflected cross-site scripting (XSS) vulnerability in the Symantec Layer7 API Management OAuth Toolkit (OTK) allows a remote attacker to craft a malicious URL for the OTK web UI and target OTK users ...
Continue Reading
May 22, 2025
The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attacke ...
Continue Reading
May 22, 2025
Back to Main
