Drupal OAuth & OpenID Connect Login - OAuth2 Client SSO Login - Critical - Multiple Vulnerabilities - SA-CONTRIB-2019-016
This module enables you to allow login into the Drupal websites through an external provider over the OAuth 2.0 protocol. The module sets a Drupal variable used for redirection based on unsanitised user input, leading to an Open Redirect vulnerability. It also fails to sanitise user input which i...