GHSA-4RH7-JWG9-M28M openssl-encrypt accepts refresh tokens as URL query parameters causing token leakage
Summary Refresh tokens are accepted as URL query parameters in the keyserver and telemetry server routes. Affected Code python opensslencryptserver/modules/keyserver/routes.py:214-215 opensslencryptserver/modules/telemetry/routes.py:90-91 async def refreshtoken request: Request, refreshtoken: str...