Lucene search
+L

5 matches found

NVD
NVD
added 2026/03/12 7:16 p.m.5 views

CVE-2026-32235

Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID Metadata Documents a...

5.9CVSS0.00139EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/12 6:35 p.m.2 views

CVE-2026-32235 @backstage/plugin-auth-backend: OAuth redirect URI allowlist bypass

Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID Metadata Documents a...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/12 6:35 p.m.3 views

CVE-2026-32235

Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID Metadata Documents a...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/12 2:50 p.m.4 views

GHSA-WQVH-63MV-9W92 @backstage/plugin-auth-backend: OAuth redirect URI allowlist bypass

Impact The experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID Metadata Documents and configured allowedRedirectUriPatterns are affected. A specially crafte...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.7 views

PT-2026-25051

Name of the Vulnerable Software and Affected Versions Backstage versions prior to 0.27.1 Description Backstage, an open framework for building developer portals, has an issue in the experimental OIDC provider within the @backstage/plugin-auth-backend component. Specifically, a redirect URI...

5.9CVSS6AI score0.00139EPSS
Exploits0References9
Rows per page
Query Builder