Lucene search
K

153 matches found

NVD
NVD
added 2020/05/07 9:15 p.m.14 views

CVE-2020-11053

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is check...

7.1CVSS6.8AI score0.0079EPSS
Exploits0References1
Prion
Prion
added 2020/05/07 9:15 p.m.38 views

Open redirect

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is check...

5.8CVSS6.2AI score0.0079EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/05/07 8:30 p.m.97 views

CVE-2020-11053

Summary: Vulnerability in OAuth2 Proxy prior to 5.1.1 allows an open redirect by bypassing redirect URL validation through HTML-encoded whitespace characters. This could let an attacker steer an authenticated user to an arbitrary URL after login. The issue is mitigated in version 5.1.1 by patchin...

7.1CVSS6.2AI score0.0079EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 8:30 p.m.21 views

CVE-2020-11053 Open Redirect in OAuth2 Proxy

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is check...

7.1CVSS6.8AI score0.0079EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/05/07 8:30 p.m.12 views

CVE-2020-11053 Open Redirect in OAuth2 Proxy

In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is check...

7.1CVSS6.6AI score0.0079EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/04 12:0 a.m.5 views

OAuth2 Proxy Open Redirect Vulnerability

OAuth2 Proxy is an OAuth2 proxy service program. OAuth2 Proxy has an input validation vulnerability that can be exploited by remote attackers to submit malicious URIs and trick users into parsing them, which can be used to perform redirection attacks, hijack sessions by obtaining sensitive...

6.1CVSS7AI score0.01124EPSS
Exploits1References1
OSV
OSV
added 2020/01/30 7:15 p.m.18 views

CVE-2020-5233

OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0...

6.1CVSS6.8AI score0.01124EPSS
Exploits1References3
NVD
NVD
added 2020/01/30 7:15 p.m.18 views

CVE-2020-5233

OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0...

6.1CVSS5.9AI score0.01124EPSS
Exploits1References3
Prion
Prion
added 2020/01/30 7:15 p.m.21 views

Open redirect

OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0...

5.8CVSS6.2AI score0.01124EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/01/30 5:45 p.m.20 views

CVE-2020-5233 Open Redirect in OAuth2 Proxy

OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0...

5.9CVSS6.2AI score0.01124EPSS
Exploits1References3
CVE
CVE
added 2020/01/30 5:45 p.m.91 views

CVE-2020-5233

CVE-2020-5233 affects the OAuth2 Proxy project (github.com/pusher/oauth2_proxy) prior to version 5.0, where an open redirect vulnerability exists in the redirect handling. The vulnerable component is the redirect/redirect URL validation path, enabling an attacker to silently harvest authenticatio...

6.1CVSS5.9AI score0.01124EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/01/30 12:0 a.m.9 views

PT-2020-18329 · Oauth2 Proxy · Oauth2 Proxy

Name of the Vulnerable Software and Affected Versions: oauth2 proxy versions prior to 5.0 Description: An open redirect vulnerability has been found in oauth2 proxy. This issue could allow an attacker to silently harvest authentication tokens. For example, an attacker could use a URL like...

6.1CVSS6.2AI score0.01124EPSS
Exploits1References12
CNVD
CNVD
added 2017/09/22 12:0 a.m.5 views

Bitly oauth2_proxy Cross-Site Request Forgery Vulnerability

Bitly oauth2proxy is a reverse proxy server that provides authentication with Google, Github and other providers. A cross-site request forgery vulnerability exists in Bitly oauth2proxy version 2.1. A remote attacker can exploit this vulnerability to perform unauthorized operations...

8.8CVSS7.1AI score0.00739EPSS
Exploits0References1
Rows per page
Query Builder