2 matches found
GHSA-RFQ3-W54C-F9Q5 OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses
Impact fosite400 released as v0.30.2 introduced a new feature for handling redirect URLs pointing to loopback interfaces rfc8252section-7.3. As part of that change new behavior was introduced which failed to respect the redirect URL's only for loopback interfaces! query parameters 1. Registering ...
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses
Impact fosite400 released as v0.30.2 introduced a new feature for handling redirect URLs pointing to loopback interfaces rfc8252section-7.3. As part of that change new behavior was introduced which failed to respect the redirect URL's only for loopback interfaces! query parameters 1. Registering ...