CVE-2019-9837
The CVE-2019-9837 issue affects Doorkeeper::OpenidConnect (OpenID Connect extension for Doorkeeper) versions 1.4.x and 1.5.x prior to 1.5.4. An open redirect can occur via the redirect_uri field in an OAuth authorization request when the request includes the 'openid' scope and prompt=none, potent...