Lucene search
MitreCVELIST:CVE-2018-15121HistoryAug 29, 2018 - 3:00 a.m.
CVE-2018-15121
2018-08-2903:00:00
mitre
www.cve.org
An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Affected packages do not use or validate the state parameter of the OAuth 2.0 and OpenID Connect protocols. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
Related
cve
cve
CVE-2018-15121
2018-08-29 03:29:00
osv
osv
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery
2022-05-14 02:01:18
nvd
nvd
CVE-2018-15121
2018-08-29 03:29:00
prion
prion
Cross site request forgery (csrf)
2018-08-29 03:29:00
github
github
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery
2022-05-14 02:01:18
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-12-06 05:58:22
gitlab
gitlab
Cross-Site Request Forgery (CSRF)
2022-05-14 00:00:00