Lucene search
+L

65 matches found

Github Security Blog
Github Security Blog
added 2026/03/25 9:57 p.m.6 views

n8n Has Authorization Bypass in OAuth Callback via N8N_SKIP_AUTH_ON_OAUTH_CALLBACK

Impact When the N8NSKIPAUTHONOAUTHCALLBACK environment variable is set to true, the OAuth callback handler skips ownership verification of the OAuth state parameter. This allows an attacker to trick a victim into completing an OAuth flow against a credential object the attacker controls, causing...

6.3CVSS5.8AI score0.0018EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/03/20 2:16 p.m.5 views

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

5.3CVSS0.00303EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 1:2 p.m.4 views

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

6.1CVSS5.8AI score0.00303EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/13 8:50 p.m.5 views

idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability

idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability Impact The Microsoft.Bcl.Memory package, a transitive dependency of idunno.AtProto and idunno.AtProto.OAuthCallback had a Denial of Service security vulnerability, CVE-2026-26127 Patches v1.7.0 updates...

7.5CVSS5.8AI score0.02049EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2026/03/10 9:3 p.m.5 views

GHSA-WG9X-QFGW-PXHJ Feathers has an OAuth Callback Account Takeover issue

An unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's authentication payload has a fallback chain that reaches params.query the raw request query when Grant's session/state responses are empt...

9.3CVSS5.8AI score0.00519EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/10 9:3 p.m.10 views

Feathers has an OAuth Callback Account Takeover issue

An unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's authentication payload has a fallback chain that reaches params.query the raw request query when Grant's session/state responses are empt...

9.8CVSS5.8AI score0.00519EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/03/10 8:16 p.m.10 views

CVE-2026-29792

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, an unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's...

9.8CVSS0.00519EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 8:6 p.m.4 views

CVE-2026-29792

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, an unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's...

9.3CVSS5.8AI score0.00519EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/03/10 8:6 p.m.30 views

CVE-2026-29792 Feathersjs has an OAuth Callback Account Takeover

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, an unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's...

9.3CVSS0.00519EPSS
Exploits0References1
OSV
OSV
added 2026/03/10 8:6 p.m.5 views

CVE-2026-29792 Feathersjs has an OAuth Callback Account Takeover

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, an unauthenticated attacker can send a crafted GET request directly to /oauth/:provider/callback with a forged profile in the query string. The OAuth service's...

9.3CVSS5.8AI score0.00519EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/21 3:23 a.m.4 views

CVE-2026-27191 Feathers: Open Redirect in OAuth callback enables account takeover

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Versions 5.0.39 and below the redirect query parameter is appended to the base origin without validation, allowing attackers to steal access tokens via URL authority injection. This leads to...

7.4CVSS5.4AI score0.00254EPSS
Exploits0References3
OSV
OSV
added 2026/02/21 3:23 a.m.11 views

CVE-2026-27191 Feathers: Open Redirect in OAuth callback enables account takeover

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Versions 5.0.39 and below the redirect query parameter is appended to the base origin without validation, allowing attackers to steal access tokens via URL authority injection. This leads to...

7.4CVSS5.7AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/21 3:23 a.m.33 views

CVE-2026-27191 Feathers: Open Redirect in OAuth callback enables account takeover

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Versions 5.0.39 and below the redirect query parameter is appended to the base origin without validation, allowing attackers to steal access tokens via URL authority injection. This leads to...

7.4CVSS0.00254EPSS
Exploits0References3
OSV
OSV
added 2026/02/19 8:32 p.m.7 views

GHSA-PPF9-4FFW-HH4P Feathers has an open redirect in OAuth callback enables account takeover

Description The redirect query parameter is appended to the base origin without validation, allowing attackers to steal access tokens via URL authority injection. This leads to full account takeover, as the attacker obtains the victim's access token and can impersonate them. The application...

7.4CVSS5.7AI score0.00254EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.6 views

CVE-2026-1721

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

6.2CVSS5.9AI score0.00371EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/13 9:4 p.m.11 views

Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

5.9AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/13 3:31 a.m.6 views

GHSA-CVHV-6XM6-C3V4 Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

6.2CVSS6AI score0.00371EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/13 3:31 a.m.9 views

Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

6.2CVSS5.9AI score0.00371EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/02/13 3:15 a.m.13 views

CVE-2026-1721

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

6.2CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/13 1:46 a.m.5 views

CVE-2026-1721 Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site

Summary A Reflected Cross-Site Scripting XSS vulnerability was discovered in the AI Playground's OAuth callback handler. The errordescription query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the contex...

6.2CVSS5.9AI score0.00371EPSS
Exploits0References1
Rows per page
Query Builder