2 matches found
picoctf-2025-unsafe-eval-writeup
picoCTF 2025 — Unssafe Eval Web Exploitation Challenge:...
CVE-2024-52289 authentik has an insecure default configuration for OAuth2 Redirect URIs
authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirecturi value received as an allowed redirect URI, without escaping...