Moderate severity vulnerability that affects Auth0.AuthenticationApi

2019-10-24T20:56:12
ID GHSA-C9CG-Q8R2-XVJQ
Type github
Reporter GitHub Advisory Database
Modified 2019-11-01T17:06:48

Description

Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.