EUVD-2018-0785

Malware in sbrugna...

Cross-Site Request Forgery (CSRF)

Auth0 and Auth0-lock is vulnerable to cross-site request forgery. The vulnerability exists when the Legacy Lock API flag is enabled. This allows an attacker to perform unwanted actions in the context of the user when the victim is tricked into visiting a malicious web page...

Cross-Site Request Forgery (CSRF) in Auth0

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

GHSA-WV26-RJ8C-4R33 Cross-Site Request Forgery (CSRF) in Auth0

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

Cross site request forgery (csrf)

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

CVE-2018-6874

CVE-2018-6874 describes a CSRF flaw in Auth0's authentication service when the Legacy Lock API flag is enabled. The vulnerability allows an attacker to reuse a valid signed JWT to perform actions in the victim’s account if the user visits a malicious page. Documents indicate the issue affected Au...