PT-2023-33074 · Amazon · Aws Cognito
Name of the Vulnerable Software and Affected Versions: Strapi versions 4.5.6 and earlier Description: The issue concerns the verification of access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token...