BIT-OAUTH2-PROXY-2026-40574 OAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email Claims

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of the emaildomain enforcement option. An attacker may be able to authenticate with an email claim such as [email protected]@company.com and...

OAuth2 Proxy 安全漏洞

OAuth2 Proxy is a product offered by OAuth2 Proxy organizations that can provide a reverse proxy for authentication with Google, Github, or other providers. Versions of OAuth2 Proxy prior to 7.15.2 had security vulnerabilities. These vulnerabilities stemmed from the emaildomain enforcement option...

Shopify: [h1-2102] [Plus] User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only

Summary: User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only Description: User with Store management permission - F1168470 only, is able to change user management settings using the graphql Steps To Reproduce: - - - - - As a...

[SECURITY] Fedora 9 Update: squidGuard-1.2.1-2.fc9

squidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users...