2 matches found
CVE-2025-12789
The CVE-2025-12789 issue affects Red Hat Single Sign-On and is an Open Redirect vulnerability during the logout process. The root cause is that the redirect_uri parameter used in the openid-connect logout flow is not properly validated, enabling potential redirection to a malicious URL. Documents...
CVE-2025-24973 Concorde not removing authentication tokens after logging out
Concorde, formerly know as Nexkey, is a fork of the federated microblogging platform Misskey. Prior to version 12.25Q1.1, due to an improper implementation of the logout process, authentication credentials remain in cookies even after a user has explicitly logged out, which may allow an attacker ...