PT-2024-28439
Name of the Vulnerable Software and Affected Versions Pomerium versions prior to 0.26.1 Description The Pomerium user info page, located at the /.pomerium endpoint, unintentionally included serialized OAuth2 access and ID tokens from the logged-in user's session. These tokens are not intended to ...