GHSA-4V5X-9M47-CQR2 Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5565-3c98-g6jc. This link is maintained to preserve external references. Original Description A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the...

OIDC-Client 数据伪造问题漏洞

OIDC-Client is an IdentityModel open source library that provides OpenID Connect OIDC and OAuth2 protocol support for client-side, browser-based JavaScript client applications. OIDC-Client suffers from a data forgery issue vulnerability that stems from an authorization code injection attack that...