CVE-2024-13301

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows ...

CVE-2024-13301 OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) – Critical – Cross Site Scripting – SA-CONTRIB-2024-067

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows ...

WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover in github.com/h44z/wg-portal

WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover in github.com/h44z/wg-portal. NOTE: The source advisory for this report contains additional versions that could not be ...

WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

Impact: Users of WireGuard Portal v2 who have OAuth (or OIDC) authentication backends enabled can be affected by an Account Takeover vulnerability if they visit a malicious website. Patches: The problem ...

UBUNTU-CVE-2025-22376

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically...

Guzzle OAuth Subscriber has insufficient nonce entropy

Impact: Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source (https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.php#L192). This can leave s ...
