99 matches found
EUVD-2026-45177
SigNoz through 0.133.0 contains an open redirect vulnerability in the SSO authentication flow that allows unauthenticated attackers to steal session tokens from any user on instances configured with Google OAuth, SAML, or OIDC. Attackers can call the unauthenticated sessions context endpoint with...
CVE-2026-13410
Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...
CVE-2026-13543
A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to...
CVE-2026-13543 Documenso Google OAuth Login handle-oauth-callback-url.ts improper authentication
A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to...
CVE-2026-13543
Documenso (up to v2.11.0) is affected by a vulnerability in the Google OAuth Login flow. The issue resides in the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts and is triggered by manipulation of the OAuth callback URL, leading to improper authentication. The flaw can be exploi...
CVE-2026-13543 Documenso Google OAuth Login handle-oauth-callback-url.ts improper authentication
A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to...
CVE-2026-34721
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This vulnerability is fixed in 7.0.1 and 6.5.4...
CVE-2026-34721
Zammad (web-based helpdesk) has a CSRF vulnerability in the OAuth callback endpoints for external credentials (Microsoft, Google, Facebook). Prior to versions 7.0.1 and 6.5.4, these endpoints do not validate the CSRF state parameter, enabling potential CSRF-like behavior in the OAuth flow. The is...
PT-2026-31418
Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description The OAuth callback endpoints for Microsoft, Google, and Facebook external credentials do not validate a CSRF state parameter. This could allow an attacker to potentially compromise...
CVE-2026-25221
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...
CVE-2026-25221
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...
CVE-2026-25221
CVE-2026-25221 (PolarLearn) affects PolarLearn prior to 0-PRERELEASE-15. The OAuth 2.0 login flow for GitHub and Google providers fails to implement/verify the state parameter, enabling a Login CSRF attack. An attacker can pre-authenticate a session and lure a victim into logging into the attacke...
CVE-2026-25221 PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...
CVE-2026-25221 PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...
CVE-2026-25221 PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...
PT-2026-5729
Name of the Vulnerable Software and Affected Versions PolarLearn versions 0-PRERELEASE-15 and earlier Description The OAuth 2.0 implementation for GitHub and Google login providers is susceptible to Login Cross-Site Request Forgery CSRF. The application does not implement and verify the state...
Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds
New research from Recorded Future reveals how Russian state hackers BlueDelta are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims...
CVE-2025-66629
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the respon...
WordPress Felan Framework Improper Authentication Vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language.WordPress plugin is an application plugin. A vulnerability exists in the WordPress Felan Framework, which is caused by the presence of hard-coded passwords in the fbajaxloginorregister function and t...
EUVD-2025-34721
The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fbajaxloginorregister' function and in the 'googleajaxloginorregister' function. This makes it possible for unauthenticated...