Lucene search
PRIOn knowledge basePRION:CVE-2018-15121HistoryAug 29, 2018 - 3:29 a.m.
Cross site request forgery (csrf)
2018-08-2903:29:00
PRIOn knowledge base
www.prio-n.com
2
An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Affected packages do not use or validate the state parameter of the OAuth 2.0 and OpenID Connect protocols. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
Related
cve
cve
CVE-2018-15121
2018-08-29 03:29:00
osv
osv
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery
2022-05-14 02:01:18
nvd
nvd
CVE-2018-15121
2018-08-29 03:29:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2019-12-06 05:58:22
cvelist
cvelist
CVE-2018-15121
2018-08-29 03:00:00
gitlab
gitlab
Cross-Site Request Forgery (CSRF)
2022-05-14 00:00:00
github
github
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery
2022-05-14 02:01:18