2 matches found
Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding
Executive Summary: A critical library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Specifically, the internal hash verification logic (_verify_hash) responsible for validating the at_hash (Access Token Hash) and c_hash...
Ubiquiti Networks UniFi 3.2.10 Cross Site Request Forgery
RCE Security Advisory (https://www.rcesecurity.com). 1. ADVISORY INFORMATION. Product: Ubiquiti Networks UniFi; Vendor URL: www.ubnt.com; Type: Cross-Site Request Forgery CWE-353; Date found: 2015-03-19; Date published: 2016-02-23; CVSSv3 Score: 6.3...