2 matches found
PT-2026-48827
Name of the Vulnerable Software and Affected Versions Okta affected versions not specified Description Improper state verification in the OAuth implementation allows an attacker to manipulate the authentication flow. This can lead to a victim's account being linked to an account controlled by the...
CVE-2025-14546
Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the getloginurl method allows for state generation, it does not persist the state or bind it to...