2 matches found
Authentik 2024.8.x < 2024.8.3 Authentication Bypass
According to its banner, the version of Authentik running on the remote host is prior to 2024.6.5 or 2024.8.x prior to 2024.8.3. It is, therefore, affected by an Authentication Bypass vulnerability via the X-Forwarded-For header. Note that the scanner has not tested for these issues but has inste...
PT-2024-32388
Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2024.8.3; authentik versions prior to 2024.6.5
Description: A vulnerability in authentik, an open-source identity provider, allows bypassing password login by adding an X-Forwarded-For header with an unparsable IP...