
Cvelist
added 2023/04/20 8:17 a.m., 16 views

CVE-2023-2193 Oauth authorization codes do not expire when deauthorizing an oauth2 app

Mattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token...

CVSS 6.5, AI score 9.5, EPSS 0.00271
Exploits 0, References 1
CNNVD
added 2023/04/20 12:00 a.m., 1 view

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an Access Control Error vulnerability that arises from an existing authorization code being invalidated when de-authorizing an OAuth2 application, which can be exploited by an...

CVSS 9.1, AI score 7, EPSS 0.00271
Exploits 0, References 2
RedhatCVE
added 2023/03/24 1:07 p.m., 49 views

CVE-2023-1584

A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provide...

CVSS 7.5, AI score 6.6, EPSS 0.00291
Exploits 0, References 5
GithubExploit
added 2023/03/06 2:42 p.m., 1041 views

Exploit for Improper Authentication in Redhat Keycloak

PoC for CVE-2023-0264 Keycloak vulnerability that allows ses...

CVSS 5, AI score 7.4, EPSS 0.03942
Exploits 1
Hacker One
added 2023/02/04 7:53 a.m., 60 views

pixiv: Stealing Users' OAuth authorization code via redirect_uri

A path traversal vulnerability in the OAuth redirect_uri parameter allowed attackers to redirect authenticated users to their product page with their OAuth credentials, potentially leading to account takeover. This could occur due to the leakage of the user's authorization code via the query strin...

AI score 7
Exploits 0
CNNVD
added 2022/10/06 12:00 a.m., 3 views

Dexidp Dex Information Disclosure Vulnerability

Dexidp Dex is a Go-based language used for secure authentication via OpenID by the Dexidp team. Versions of Dex prior to 2.35.0 have a security vulnerability that stems from the fact that its Dex instances with public clients, and by extension clients that accept tokens issued by these Dex instances...

CVSS 9.3, AI score 7.2, EPSS 0.01184
Exploits 1, References 4
Vulnrichment
added 2022/10/06 12:00 a.m., 5 views

CVE-2022-39222 OAuth authorization code exposure in Dex

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex instances with public clients, and by extension clients accepting tokens issued by those Dex instances, are affected by this vulnerability if they are running a version prior to 2.35.0. An attacker can...

CVSS 9.3, AI score 9.4, EPSS 0.01184
Exploits 1, References 2
Cvelist
added 2022/10/06 12:00 a.m., 26 views

CVE-2022-39222 OAuth authorization code exposure in Dex

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex instances with public clients, and by extension clients accepting tokens issued by those Dex instances, are affected by this vulnerability if they are running a version prior to 2.35.0. An attacker can...

CVSS 9.3, AI score 9.5, EPSS 0.01184
Exploits 1, References 2
AlpineLinux
added 2022/10/06 12:00 a.m., 3 views

CVE-2022-39222

Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex instances with public clients, and by extension clients accepting tokens issued by those Dex instances, are affected by this vulnerability if they are running a version prior to 2.35.0. An attacker can...

CVSS 9.3, AI score 6.8, EPSS 0.01184
Exploits 1, References 3
Veracode
added 2022/10/04 6:56 a.m., 23 views

Man-in-the-Middle (MitM)

github.com/dexidp/dex is vulnerable to man-in-the-middle attacks. The vulnerability exists because the library does not properly implement the HMAC protection on the approval endpoint, allowing an attacker to capture the id token via intercepted authorization code...

CVSS 9.3, AI score 6.1, EPSS 0.01184
Exploits 1, References 5, Affected Software 1
Github Security Blog
added 2022/10/03 7:12 p.m., 31 views

Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code

Impact: Dex instances with public clients, and by extension clients accepting tokens issued by those Dex instances, are affected by this vulnerability. An attacker can exploit this vulnerability by making a victim navigate to a malicious website and guiding them through the OIDC flow, stealing the...

CVSS 9.3, AI score 6.4, EPSS 0.01184
Exploits 1, References 5, Affected Software 1
OSV
added 2022/10/03 7:12 p.m., 50 views

GHSA-VH7G-P26C-J2CW Dex vulnerable to Man-in-the-Middle allowing ID token capture via intercepted authorization code

Impact: Dex instances with public clients, and by extension clients accepting tokens issued by those Dex instances, are affected by this vulnerability. An attacker can exploit this vulnerability by making a victim navigate to a malicious website and guiding them through the OIDC flow, stealing the...

CVSS 9.3, AI score 7.7, EPSS 0.01184
Exploits 1, References 5
Virtuozzo
added 2022/09/21 12:00 a.m., 21 views

Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)

This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id VSTOR-57337: It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id VSTOR-57187: Unable to add an iSCSI target with multiple...

AI score 1
Exploits 0
Hacker One
added 2022/09/14 7:13 p.m., 85 views

Shopify: Shop App - Attacker is able to intercept authorization code during authentication (OAuth) and is able to get access to Microsoft Outlook email account

A vulnerability was discovered in the Shop App's Microsoft Outlook OAuth flow, where a malicious app could intercept the authorization code during authentication due to the use of deep links. This could allow an attacker to gain access to the victim's emails. The issue was mitigated by implementi...

AI score 7.5
Exploits 0
OSV
added 2022/08/06 12:00 a.m., 15 views

GHSA-CC8C-26RJ-V2VX administrate vulnerable to Cross-Site Request Forgery

Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...

CVSS 5.4, AI score 5.5, EPSS 0.00116
Exploits 0, References 4
OSV
added 2022/08/05 4:15 p.m., 13 views

CVE-2016-3098

Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth authorization code...

CVSS 5.4, AI score 5.7
Exploits 0, References 1
Veracode
added 2022/07/14 7:01 a.m., 48 views

Denial Of Service (DoS)

org.springframework.security:spring-security-oauth2-client is vulnerable to denial of service (DoS) attacks. An attacker is able to cause resource exhaustion by sending multiple requests initiating the authorization request for the authorization code grant using a single session or multiple...

CVSS 7.5, AI score 7.4, EPSS 0.04895
Exploits 0, References 23, Affected Software 1
RedHat Linux
added 2022/07/07 2:19 p.m., 0 views

spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request

Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker c...

CVSS 7.5, AI score 7.2, EPSS 0.04895
Exploits 0, References 4
NVD
added 2022/06/29 2:15 p.m., 24 views

CVE-2020-26877

ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect...

CVSS 6.1, EPSS 0.00247
Exploits 0, References 3
OSV
added 2022/06/29 2:15 p.m., 21 views

CVE-2020-26877

ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect...

CVSS 6.1, AI score 6.7
Exploits 0, References 3