Summary The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). Sign ...
Continue Reading11 апреля, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through...Read More ...
Continue Reading10 апреля, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through...Read More ...
Continue Reading10 апреля, 2024
Summary The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). Sign ...
Continue Reading10 апреля, 2024
(A cross-site leak vulnerability in the OAuth flow of all versions of G...Read More ...
Continue Reading08 апреля, 2024
A vulnerability in the column.title and cellLinkTooltip components of the Grafana web-based data presentation tool is related to insufficient protection of the web page structure. Exploitation of the ...
Continue Reading03 апреля, 2024
Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been ...
Continue Reading01 апреля, 2024
Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide ran ...
Continue Reading28 марта, 2024
Back to Main