4 matches found
CVE-2018-6874
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...
CVE-2018-6874
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...
CVE-2018-6874
CVE-2018-6874 describes a CSRF flaw in Auth0's authentication service when the Legacy Lock API flag is enabled. The vulnerability allows an attacker to reuse a valid signed JWT to perform actions in the victim’s account if the user visits a malicious page. Documents indicate the issue affected Au...
CVE-2018-6874
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...