CVE-2018-15754
Cloud Foundry UAA (versions 60.x prior to 66.0) contains an authorization logic error that can allow a remote authenticated user to obtain a token for another account with the same username across different identity providers. This vulnerability is triggered in environments with multiple identity...