2 matches found
PT-2024-29972 · Unknown · Oauth Library For Nim
Name of the Vulnerable Software and Affected Versions: OAuth library for nim versions prior to 0.11 Description: The issue concerns the OAuth library for nim, where the Authorization Code grant and Implicit grant rely on the state parameter to prevent cross-site request forgery CSRF attacks...
oauth 安全漏洞
oauth is an oauth library for nim from the individual developer Yoshihiro Tanaka. A security vulnerability exists in versions of oauth prior to 0.11, which stems from the state values generated by the generateState function not having sufficient entropy for an attacker to successfully guess these...