The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid provider, not from someone else. An ...
Continue Reading
June 13, 2022
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization opera ...
Continue Reading
June 13, 2022
Found **https://ws[.]alleqro.pl.priyadarshi.net/upload-data/form...Read More ...
Continue Reading
June 12, 2022
Found **https://quintakailua[.]com/oauth/indexx.php** ...Read More ...
Continue Reading
June 11, 2022
Found **https://quintakailua[.]com/oauth/indexx.php?oauth=eca6c-x...Read More ...
Continue Reading
June 10, 2022
### Summary The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). ...
Continue Reading
June 09, 2022
### Summary The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). ...
Continue Reading
June 09, 2022
Found **https://roommejts[.]com/oppel/oppel/indexx.php?oauth=9z8...Read More ...
Continue Reading
June 09, 2022
Back to Main
