Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.10 views

CVE-2024-52289

authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirecturi value received as an allowed redirect URI, without escaping...

9.8CVSS6.8AI score0.0106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/21 5:18 p.m.13 views

CVE-2024-52289 authentik has an insecure default configuration for OAuth2 Redirect URIs

authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirecturi value received as an allowed redirect URI, without escaping...

7.9CVSS6.4AI score0.0106EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/21 5:18 p.m.22 views

CVE-2024-52289 authentik has an insecure default configuration for OAuth2 Redirect URIs

authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirecturi value received as an allowed redirect URI, without escaping...

7.9CVSS0.0106EPSS
Exploits0References2
OSV
OSV
added 2024/11/21 5:18 p.m.12 views

CVE-2024-52289 authentik has an insecure default configuration for OAuth2 Redirect URIs

authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirecturi value received as an allowed redirect URI, without escaping...

7.9CVSS6.8AI score0.0106EPSS
Exploits0References6
Rows per page
Query Builder