4 matches found
CVE-2025-43916
creationtimestamp| type| source ---|---|--- 2025-04-21 14:54:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lndgahq4td2y 2025-04-21 15:48:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114376738396487768 2025-04-21 18:09:21+00:00| seen| https://t.me/cvedetector/234...
CVE-2025-43916
Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirecturi containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization code may be sent to an attacker-controlled destination. This might have...
CVE-2025-43916
Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirecturi containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization code may be sent to an attacker-controlled destination. This might have...
CVE-2025-43916
Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirecturi containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization code may be sent to an attacker-controlled destination. This might have...