Github Security Blog · added 2024/10/28 7:44 p.m. · 12 views

Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs

Impact: IdentityServer's local API authentication handler performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP access tokens at local API endpoints even without possessing the private key for signing proof tokens. Note that this only...

CVSS 3.1 · AI score 7.2 · EPSS 0.00139
Exploits 0 · References 4 · Affected software 1
CNNVD · added 2024/10/28 12:00 a.m. · 1 view

Duende IdentityServer authorization issue vulnerability

Duende IdentityServer is a Duende open source, standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core. An authorization issue vulnerability exists in Duende IdentityServer version 7.0.0 and earlier, which stems from insufficient validation performed by the local API...

CVSS 3.1 · AI score 6.4 · EPSS 0.00139
Exploits 0 · References 2
Positive Technologies · added 2024/10/28 12:00 a.m. · 3 views

PT-2024-33666 · Duende · Duende Identityserver

Name of the Vulnerable Software and Affected Versions: Duende IdentityServer versions 7.0.0 through 7.0.7 Description: The local API authentication handler in Duende IdentityServer performs insufficient validation of the cnf claim in DPoP access tokens. This allows an attacker to use leaked DPoP...

CVSS 3.1 · AI score 7.3 · EPSS 0.00139
Exploits 0 · References 7
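The three entries above describe the same defect: a local API handler that accepts a DPoP access token without checking that the token's cnf.jkt claim matches the key presented in the DPoP proof, so a leaked token is usable by someone who never held the proof-signing key. The following is an added example, not Duende IdentityServer's code, showing that binding check (RFC 9449 section 6.1, JWK thumbprint per RFC 7638) in a vulnerable and a hardened form. The keys, token claims and "leaked token" scenario are constructed for the example; verification of the proof JWT's signature and of its htm/htu/iat/jti/ath claims is assumed to happen before this check.

```python
"""Sender-constrained (DPoP) access token binding check for a resource endpoint.

Added example, not Duende IdentityServer's code. Shows the cnf.jkt-to-proof-key
comparison that the advisory says the local API handler did not enforce.
All keys, claims and the leaked-token scenario below are constructed.
"""
import base64
import hashlib
import hmac
import json
from typing import Optional

# RFC 7638 section 3.2: the members that enter the thumbprint, per key type.
THUMBPRINT_MEMBERS = {
    "EC": ("crv", "kty", "x", "y"),
    "RSA": ("e", "kty", "n"),
    "OKP": ("crv", "kty", "x"),
}


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638: SHA-256 over the required members, lexicographically ordered, no whitespace."""
    members = THUMBPRINT_MEMBERS[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in members}, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def vulnerable_binding_check(token_claims: dict, proof_jwk: Optional[dict]) -> bool:
    """The failure pattern the advisory describes: the token's cnf claim is looked at
    but never compared with the key in the presented proof, so a leaked token is
    accepted with any proof key."""
    return token_claims.get("cnf", {}).get("jkt") is not None


def hardened_binding_check(token_claims: dict, proof_jwk: Optional[dict]) -> bool:
    """Accept only if the proof's public key is the one the token was bound to.

    Assumed already done by the caller: proof JWT signature verified with proof_jwk,
    and its htm, htu, iat, jti and ath claims checked.
    """
    jkt = token_claims.get("cnf", {}).get("jkt")
    if not isinstance(jkt, str) or not jkt:
        return False  # a DPoP-bound token without cnf.jkt is malformed; fail closed
    if not proof_jwk or proof_jwk.get("kty") not in THUMBPRINT_MEMBERS:
        return False  # no proof key, or a key type whose thumbprint we cannot compute
    return hmac.compare_digest(jkt, jwk_thumbprint(proof_jwk))


# Constructed P-256 public JWKs (coordinates are placeholders, not a real key pair).
LEGIT_JWK = {"kty": "EC", "crv": "P-256", "kid": "client-key-1",
             "x": b64url(b"\x01" * 32), "y": b64url(b"\x02" * 32)}
ATTACKER_JWK = {"kty": "EC", "crv": "P-256",
                "x": b64url(b"\x03" * 32), "y": b64url(b"\x04" * 32)}

# Access token claims as issued to the legitimate client, then leaked to the attacker.
LEAKED_TOKEN_CLAIMS = {
    "iss": "https://idp.example",
    "aud": "https://idp.example/localapi",
    "sub": "alice",
    "cnf": {"jkt": jwk_thumbprint(LEGIT_JWK)},
}


def replay_outcomes() -> dict:
    """Attacker replays the leaked token with a proof signed by its own key."""
    return {
        "vulnerable": vulnerable_binding_check(LEAKED_TOKEN_CLAIMS, ATTACKER_JWK),
        "hardened": hardened_binding_check(LEAKED_TOKEN_CLAIMS, ATTACKER_JWK),
        "hardened_legit": hardened_binding_check(LEAKED_TOKEN_CLAIMS, LEGIT_JWK),
    }


if __name__ == "__main__":
    print(replay_outcomes())
```

The thumbprint deliberately ignores members such as kid and alg, so a proof key that differs only in metadata still matches, while any change to the curve or coordinates does not. Failing closed when cnf.jkt is absent matters: a token presented under the DPoP scheme that carries no binding should not silently degrade to a bearer token.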
Github Security Blog · added 2024/07/31 7:57 p.m. · 28 views

IdentityServer Open Redirect vulnerability

Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Affected Methods - In the...

CVSS 4.7 · AI score 7 · EPSS 0.00141
Exploits 0 · References 4 · Affected software 1
OSV · added 2024/07/31 7:57 p.m. · 31 views

GHSA-55P7-V223-X366 IdentityServer Open Redirect vulnerability

Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Affected Methods - In the...

CVSS 5.1 · AI score 4.6 · EPSS 0.00141
Exploits 0 · References 4
NVD · added 2024/07/31 4:15 p.m. · 17 views

CVE-2024-39694

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · EPSS 0.00141
Exploits 0 · References 6
Cvelist · added 2024/07/31 3:44 p.m. · 30 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · EPSS 0.00141
Exploits 0 · References 6
CVE · added 2024/07/31 3:44 p.m. · 105 views

CVE-2024-39694

Duende.IdentityServer (OpenID Connect/OAuth 2.x framework for ASP.NET Core) is affected by CVE-2024-39694, an Open Redirect vulnerability. The issue arises when GetAuthorizationContextAsync and IsValidReturnUrl may return non-null or true for malicious URLs, allowing a redirect to an untrusted si...

CVSS 4.7 · AI score 6.9 · EPSS 0.00141
Exploits 0 · References 6
OSV · added 2024/07/31 3:44 p.m. · 23 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · AI score 6.2 · EPSS 0.00141
Exploits 0 · References 8
Vulnrichment · added 2024/07/31 3:44 p.m. · 20 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it t...

CVSS 4.7 · AI score 4.7 · EPSS 0.00141
Exploits 0 · References 6
Snyk · added 2024/07/31 3:28 p.m. · 2 views

URL Redirection to Untrusted Site ('Open Redirect')

Overview: Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') through the commonly used GetAuthorizationContextAsync and IsValidReturnUrl methods: GetAuthorizationContextAsync can return a non-null value, and IsValidReturnUrl can return true, for malicious URL...

CVSS 5.3 · AI score 7 · EPSS 0.00141
Exploits 0 · References 2
Github Security Blog · added 2024/07/31 3:28 p.m. · 19 views

IdentityServer Open Redirect vulnerability

Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Note: by itself, this vulnerability does not...

CVSS 4.7 · AI score 6.8 · EPSS 0.00141
Exploits 0 · References 9 · Affected software 2
OSV · added 2024/07/31 3:28 p.m. · 21 views

GHSA-FF4Q-64JC-GX98 IdentityServer Open Redirect vulnerability

Impact: It is possible for an attacker to craft malicious URLs that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a URL is returned as a redirect, some browsers will follow it to a third-party, untrusted site. Note: by itself, this vulnerability does not...

CVSS 5.1 · AI score 4.5 · EPSS 0.00141
Exploits 0 · References 9
CNNVD · added 2024/07/31 12:00 a.m. · 3 views

Duende IdentityServer security vulnerability

Duende IdentityServer is a Duende open source, standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core. A security vulnerability exists in Duende IdentityServer that stems from certain functions that incorrectly treat maliciously constructed URLs as local and trusted. An...

CVSS 4.7 · AI score 6.1 · EPSS 0.00141
Exploits 0 · References 7
Positive Technologies · added 2024/07/31 12:00 a.m. · 1 view

PT-2024-28632 · Microsoft +1 · Asp.Net Core +1

Name of the Vulnerable Software and Affected Versions: Duende IdentityServer versions 5.1 and earlier Duende IdentityServer versions 6.0 through 6.0.4 Duende IdentityServer versions 6.1 through 6.1.7 Duende IdentityServer versions 6.2 through 6.2.4 Duende IdentityServer versions 6.3 through 6.3.9...

CVSS 5.1 · AI score 7 · EPSS 0.00141
Exploits 0 · References 16
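The open redirect entries above all turn on one question: which strings a return-URL check accepts as "local". The following is an added example, not Duende IdentityServer's code, and not a claim about which exact inputs its IsValidReturnUrl or GetAuthorizationContextAsync accepted. It places a naive "starts with /" check beside one modeled on the rules of ASP.NET Core's Url.IsLocalUrl, and runs both over a constructed probe set of the forms that browsers resolve off-origin even though they begin with a slash. The browser behaviour described in the comments follows the WHATWG URL parsing rules for http(s) URLs.

```python
"""Return-URL validation for a login/authorize round trip.

Added example, not Duende IdentityServer's code. Compares a naive local-URL check
with one modeled on ASP.NET Core's Url.IsLocalUrl rules. The probe set is constructed.
"""


def naive_is_local(url: str) -> bool:
    """What many applications write first: anything starting with "/" is a local path."""
    return bool(url) and url.startswith("/")


def has_control_char(s: str) -> bool:
    # Browsers delete ASCII tab/newline anywhere in a URL before parsing, and other
    # C0 controls have no business in a Location header, so reject all of them.
    return any(ord(c) < 0x20 or ord(c) == 0x7F for c in s)


def is_local_url(url: str) -> bool:
    """Allow "/" and "/path"; reject "//host", "/\\host", anything with a scheme,
    and anything containing control characters."""
    if not url or url[0] != "/":
        return False  # absolute URLs, backslash-led forms, empty string
    if len(url) == 1:
        return True
    if url[1] in ("/", "\\"):
        # "//evil" is scheme-relative; browsers treat "\" as "/" in http(s) URLs,
        # so "/\evil" resolves to https://evil/ as well.
        return False
    return not has_control_char(url[1:])


# Constructed probe set: (return URL, why it matters).
PROBES = [
    ("/account/profile", "ordinary local path"),
    ("//evil.example/login", "scheme-relative, resolves to https://evil.example/login"),
    ("/\\evil.example/login", "backslash is treated as a slash by browsers on http(s) URLs"),
    ("/\t/evil.example/login", "tab is removed by the browser parser, leaving //evil.example"),
    ("https://evil.example/login", "absolute URL to another origin"),
    ("\\\\evil.example", "backslash-led form, not local under either check"),
]


def triage() -> dict:
    """Map each probe URL to (naive verdict, hardened verdict)."""
    return {url: (naive_is_local(url), is_local_url(url)) for url, _ in PROBES}


if __name__ == "__main__":
    verdicts = triage()
    for url, why in PROBES:
        naive, hard = verdicts[url]
        print(f"{url!r:34} naive={naive!s:5} hardened={hard!s:5}  {why}")
```

A path check like this is necessary but not sufficient for an identity provider: the return URL should additionally be confined to the handful of internal endpoints the login flow is allowed to resume (an allowlist of path prefixes), and the redirect should be issued against the issuer's own origin rather than echoed back as received.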
NVD · added 2019/05/21 4:29 p.m. · 9 views

CVE-2019-12250

IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logger is not...

CVSS 6.1 · AI score 6 · EPSS 0.0024
Exploits 1 · References 1
Prion · added 2019/05/21 4:29 p.m. · 12 views

Cross site scripting

DISPUTED IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered by viewing a log. NOTE: the software maintainer disputes that this is a vulnerability because the request logg...

CVSS 4.3 · AI score 5.9 · EPSS 0.0024
Exploits 1 · References 1 · Affected software 1
CVE · added 2019/05/21 3:22 p.m. · 45 views

CVE-2019-12250

CVE-2019-12250 affects IdentityServer4 up to version 2.4. The issue is a stored XSS via the httpContext in host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext, triggerable by viewing a log. Some sources (IdentityServer maintainers) dispute this as a vulnerability since the logger is not...

CVSS 6.1 · AI score 5.9 · EPSS 0.0024
Exploits 1 · References 1 · Affected software 1
Positive Technologies · added 2019/05/21 12:00 a.m. · 3 views

PT-2019-12717 · Identityserver · Identityserver

Name of the Vulnerable Software and Affected Versions: IdentityServer4 versions through 2.4 Description: The issue is related to stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method. This can be triggered by viewing a log. It's worth noting...

CVSS 6.1 · AI score 6 · EPSS 0.0024
Exploits 1 · References 4
ATTACKERKB · added 2018/03/22 5:29 a.m. · 2 views

CVE-2018-8899

IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations...

CVSS 6.1 · AI score 5.4 · EPSS 0.00294
Exploits 0 · References 5
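CVE-2018-8899 above is the classic failure on the authorization response page: when response_mode=form_post is used, the redirect URI becomes the action attribute of an auto-submitting form, and emitting it without HTML encoding lets a crafted value close the attribute and inject markup. The following is an added example, not IdentityServer's code, showing the unsafe template beside an encoded one and a probe that detects the breakout. The client, redirect URI, code and state values are constructed; the example does not assert that IdentityServer would have accepted such a redirect URI for a registered client.

```python
"""Authorization response page for response_mode=form_post, with every
attacker-reachable value HTML-encoded.

Added example, not IdentityServer's code. The hostile redirect URI and state
parameter below are constructed to show the attribute breakout.
"""
from html import escape


def render_form_post_unsafe(redirect_uri: str, params: dict) -> str:
    """Values interpolated raw into attribute positions (the bug class on the page)."""
    inputs = "".join(f'<input type="hidden" name="{k}" value="{v}" />'
                     for k, v in params.items())
    return (f'<form method="post" action="{redirect_uri}">{inputs}</form>'
            '<script>document.forms[0].submit();</script>')


def render_form_post(redirect_uri: str, params: dict) -> str:
    """Same page with escape(quote=True) applied to every interpolated value, so
    neither the action attribute nor any hidden input value can be closed early."""
    def attr(value: str) -> str:
        return escape(value, quote=True)

    inputs = "".join(f'<input type="hidden" name="{attr(k)}" value="{attr(v)}" />'
                     for k, v in params.items())
    return (f'<form method="post" action="{attr(redirect_uri)}">{inputs}</form>'
            '<script>document.forms[0].submit();</script>')


# Constructed hostile inputs: each closes the attribute it lands in and starts a tag.
# state is attacker-controlled by design (it round-trips from the authorization request),
# so it needs the same treatment as the redirect URI.
HOSTILE_REDIRECT_URI = 'https://client.example/cb"><script>alert(document.domain)</script><x a="'
HOSTILE_PARAMS = {"code": "SplxlOBeZQQYbYS6WxSbIA", "state": '"><img src=x onerror=alert(1)>'}


def breaks_out(html: str) -> bool:
    """True if injected markup survived as real tags rather than entity text."""
    return "<script>alert(document.domain)" in html or "<img src=x" in html


def compare() -> dict:
    """Run the probe against both renderers."""
    return {
        "unsafe": breaks_out(render_form_post_unsafe(HOSTILE_REDIRECT_URI, HOSTILE_PARAMS)),
        "encoded": breaks_out(render_form_post(HOSTILE_REDIRECT_URI, HOSTILE_PARAMS)),
    }


if __name__ == "__main__":
    print(compare())
    print(render_form_post(HOSTILE_REDIRECT_URI, HOSTILE_PARAMS))
```

Encoding closes the injection, but the first line of defence for an authorization server is upstream of the template: the redirect URI in the response must be one exactly registered for the client, so a value like the one above should never reach the page at all. Output encoding is the check that holds when that assumption fails, which is why both belong in the flow.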