CVE-2025-65430
CVE-2025-65430 affects allauth-django prior to 65.13.0. The issue arises when an IdP marks a user as is_active=False after tokens have been issued for that user, leaving active tokens potentially usable. The root cause is that marking the user inactive had no effect on existing tokens. The publis...