Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the ‘None’ type algorithm to bypass authentication and impersonate any user that use AWS Cognito for authentication.
CPE | Name | Operator | Version |
---|---|---|---|
strapi | eq | 4.0.0-beta.14 | |
strapi | eq | 4.0.0-beta.5 | |
strapi | eq | 4.2.0-beta.4 | |
strapi | eq | 3.3.1 | |
strapi | eq | 4.0.0-beta.20 | |
strapi | eq | 3.1.7 | |
strapi | eq | 4.0.3 | |
strapi | eq | 4.1.10 | |
strapi | eq | 4.4.6 | |
strapi | eq | 4.1.0 |