8 matches found
EUVD-2023-47791
Malicious code in bioql PyPI...
CVE-2020-14959
Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the wp-admin/post.php Client Name, Position, Web Address, Other, Location Reviewed, Product Reviewed, Item Reviewed, or Rating parameter...
GHSA-69FP-7C8P-CRJR Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
A flaw was found in Keycloak in the OAuth 2.0 Pushed Authorization Requests PAR. Client provided parameters were found to be included in plain text in the KCRESTART cookie returned by the authorization server's HTTP response to a requesturi authorization request. This could lead to an information...
keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests PAR. Client-provided parameters were found to be included in plain text in the KCRESTART cookie returned by the authorization server's HTTP response to a requesturi authorization request, possibly leading to an information...
keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests PAR. Client-provided parameters were found to be included in plain text in the KCRESTART cookie returned by the authorization server's HTTP response to a requesturi authorization request, possibly leading to an information...
keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests PAR. Client-provided parameters were found to be included in plain text in the KCRESTART cookie returned by the authorization server's HTTP response to a requesturi authorization request, possibly leading to an information...
GHSA-4VRX-8PHJ-X3MG Duplicate Advisory: Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-69fp-7c8p-crjr. This link is maintained to preserve external references. Original Description A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests PAR. Client-provided parameters were found to...
MGASA-2021-0291 Updated gnutls packages fix security vulnerabilities
A flaw was found in gnutls. A use after free issue in client sending keyshare extension may lead to memory corruption and other consequences CVE-2021-20231. A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other...