In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was...Read More ...
Continue Reading
May 23, 2025
The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated user ...
Continue Reading
May 23, 2025
The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated user ...
Continue Reading
May 23, 2025
In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosu ...
Continue Reading
May 23, 2025
NextAuth.js is an open source authentication solution for Next.js applications. next-auth applications using OAuth provider versions before v4.20.1 have been found to be subject to an authentication v ...
Continue Reading
May 23, 2025
A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's...Read More ...
Continue Reading
May 23, 2025
league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey cons ...
Continue Reading
May 23, 2025
NextAuth.js is an open source authentication solution for Next.js applications. next-auth applications using OAuth provider versions before v4.20.1 have been found to be subject to an authentication v ...
Continue Reading
May 23, 2025
Back to Main
