CVE-2023-41089

The affected product is vulnerable to an improper authentication vulnerability, which may allow an attacker to impersonate a legitimate user as long as the device keeps the session active, since the attack takes advantage of the cookie header to generate "legitimate" requests...

CVE-2023-41089

The affected product is vulnerable to an improper authentication vulnerability, which may allow an attacker to impersonate a legitimate user as long as the device keeps the session active, since the attack takes advantage of the cookie header to generate "legitimate" requests...

Cross-Site Request Forgery in Apache CXF Fediz

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

GHSA-F5CH-36RG-VFCC Cross-Site Request Forgery in Apache CXF Fediz

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...

Published apps not launching for some users when connecting through VPN, no errors

• Users connect to the company’s network using Citrix Gateway VPN • When launching a published app, the progress popup shows up and disappears seconds later, nothing else shows app, no errors • Receiver Connection center shows a connection with the VDA but no app launched • VDA shows the user...

CVE-2017-7662

Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...