GHSA-J4G7-V4M4-77PX ZITADEL is vulnerable to Account Takeover with deactivated Instance IdP
Summary A vulnerability in ZITADEL's federation process allowed auto-linking users from external identity providers to existing users in ZITADEL even if the corresponding IdP was not active or if the organization did not allow federated authentication. Impact This vulnerability stems from the...