4 matches found
CVE-2024-21637
Authentik is an open-source Identity Provider. Authentik is a vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with responsemode=formpost. This relatively user could use the described attacks to perform a privilege escalation. This...
CVE-2024-21637
creationtimestamp| type| source ---|---|--- 2024-01-11 07:31:57+00:00| seen| https://t.me/ctinow/166329 2024-01-30 09:41:38+00:00| seen| https://t.me/ctinow/175781...
CVE-2024-21637 XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode
Authentik is an open-source Identity Provider. Authentik is a vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with responsemode=formpost. This relatively user could use the described attacks to perform a privilege escalation. This...
CVE-2024-21637 XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode
Authentik is an open-source Identity Provider. Authentik is a vulnerable to a reflected Cross-Site Scripting vulnerability via JavaScript-URIs in OpenID Connect flows with responsemode=formpost. This relatively user could use the described attacks to perform a privilege escalation. This...