Lucene search
+L

12 matches found

cvelist
cvelist
added 2026/06/25 3:59 p.m.20 views

CVE-2026-54573 Authorization Bypass in API Key/OAuth Scopes via Path Parsing Discrepancy

Outline is a service that allows for collaborative documentation. Prior to 1.8.0, the AuthenticationHelper.canAccess function uses ctx.originalUrl to verify if an API key or OAuth token has the required scopes for a request. It extracts the resource by splitting the URL by / and taking the last...

5.3CVSS0.00285EPSS
Exploits0References1
cve
cve
added 2026/06/25 3:59 p.m.8 views

CVE-2026-54573

CVE-2026-54573 affects Outline (a collaborative documentation service). Before version 1.8.0, AuthenticationHelper.canAccess uses ctx.originalUrl and extracts the target resource by splitting on “/” and taking the last segment, but does not strip the URL fragment (#). Since Koa’s router uses ctx....

5.3CVSS5.9AI score0.00285EPSS
Exploits0References1
osv
osv
added 2026/06/23 8:40 p.m.3 views

CVE-2026-46549 NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the OAuth token strategy attached oauthscope and oauthgrantedresources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope e.g. MCP-only therefore inherited...

2CVSS6AI score0.00151EPSS
Exploits0References3
osv
osv
added 2026/06/17 6:9 p.m.8 views

GHSA-WRR5-99H5-GQ57 Gitea: Public-only tokens bypass private-resource restrictions on `/api/v1/user` self routes

Summary Many authenticated self routes under /api/v1/user/... do not enforce the public-only token restriction. As a result, a token or OAuth grant marked public-only, but otherwise carrying the route-required read/write scope category, can access or modify private account resources through self...

8.1CVSS5.5AI score
Exploits0References2
osv
osv
added 2026/04/16 11:36 p.m.6 views

BIT-AUTHENTIK-2024-52287 authentik performs insufficient validation of OAuth scopes

authentik is an open-source identity provider. When using the clientcredentials or devicecode OAuth grants, it was possible for an attacker to get a token from authentik with scopes that haven't been configured in authentik. authentik 2024.8.5 and 2024.10.3 fix this issue...

7.2CVSS5.7AI score0.00561EPSS
Exploits0References3
thn
thn
added 2025/05/28 1:41 p.m.26 views

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File

Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited, could allow websites to access a user's entire cloud storage content, as opposed to just the files selected for upload via the tool. "This stems from overly broad OAuth...

6.7AI score
Exploits0
osv
osv
added 2024/02/12 3:17 p.m.18 views

GHSA-GCCQ-H3XJ-JGVF Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions

Summary When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This vulnerability affects every version of Pixelf...

9.9CVSS8.9AI score0.00678EPSS
Exploits1References6
thn
thn
added 2023/11/28 12:34 p.m.43 views

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation DWD feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "Such exploitation...

7.3AI score
Exploits0
thn
thn
added 2023/10/23 11:34 a.m.52 views

Who's Experimenting with AI Tools in Your Organization?

With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence—formerly the realm of data science and engineering teams—has become a resource available to every employee. From a productivity perspective, that's fantastic. Unfortunately for IT and...

6.7AI score
Exploits0
thn
thn
added 2023/08/21 11:12 a.m.39 views

How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes

From a user's perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you're seeking. Unfortunately, few users understand the implications of the permissions they allow when they...

7.2AI score
Exploits0
cvelist
cvelist
added 2015/02/23 2:0 a.m.31 views

CVE-2014-7922

The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...

6.6AI score0.00478EPSS
Exploits0References2
cve
cve
added 2015/02/23 2:0 a.m.51 views

CVE-2014-7922

CVE-2014-7922 involves the GoogleAuthUtil.getToken method in the Google Play services SDK prior to 2015. The vulnerability arises when the code sets parameters in OAuth token requests after detecting a corresponding opt parameter in the Bundle extras argument, enabling a crafted application to by...

4.3CVSS6.8AI score0.00478EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder