GO-2022-0261 Authentication bypass issue in the Operator Console in github.com/minio/console

Authentication bypass issue in the Operator Console in github.com/minio/console...

Authentication Bypass

github.com/minio/console is vulnerable to authentication bypass. When external IDP is enabled in Operator Console, operator does not perform sufficient validation checks on 'Oauth2' login flow, leading to authentication bypass...

Authentication bypass issue in the Operator Console

During an internal security audit, we detected an authentication bypass issue in the Operator Console when an external IDP is enabled. The security issue has been reported internally. We have not observed this exploit in the wild or reported elsewhere in the community at large. All users are...

GHSA-4999-659W-MQ36 Authentication bypass issue in the Operator Console

During an internal security audit, we detected an authentication bypass issue in the Operator Console when an external IDP is enabled. The security issue has been reported internally. We have not observed this exploit in the wild or reported elsewhere in the community at large. All users are...

CVE-2021-41266

Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and before are affect...

CVE-2021-41266

Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and before are affect...

CVE-2021-41266 Authentication bypass issue in the Operator Console

Minio console is a graphical user interface for the for MinIO operator. Minio itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. All users on release v0.12.2 and before are affect...

CVE-2021-41266

CVE-2021-41266 affects MinIO Console (the Operator Console UI for the MinIO Operator). The vulnerability is an authentication bypass in the Operator Console when an external IDP is enabled, impacting all users on release v0.12.2 and earlier. A fix is available in v0.12.3 and newer. If upgrading i...

Minio 访问控制错误漏洞

Minio MinIO is an open source object storage server from the US-based MinIO Minio. The product supports building infrastructures for machine learning, analytics, and application data workloads. An access control error vulnerability exists in Minio 0.12.2 and prior versions, which stems from an...

PT-2021-23227 · Minio · Minio

Name of the Vulnerable Software and Affected Versions: Minio console versions prior to 0.12.3 Description: The Minio console is subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. This issue affects all users on release v0.12.2 and before. The...

AliveChat Cross Site Scripting

Exploit Title: AliveChat Cross Site Scripting Date: 29.02.2012 Author: Sony Software Link: http://www.websitealive.com/ Google Dorks: inurl:https://www.websitealive1.com Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC:...