An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0, allowing an attacker to redirect a user to an arbitrary...
4.7 CVSS
4.9 AI Score
0.001 EPSS
XWiki OIDC has various tools to manipulate the OpenID Connect protocol in XWiki. Prior to version 1.29.1, even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to supply a third-party provider's details through request parameters. One can then bypass the...
7.5 CVSS
7.6 AI Score
0.001 EPSS
7.4 CVSS
7.4 AI Score
0.001 EPSS