mod_auth_openidc: DoS when using `OIDCSessionType client-cookie` and manipulating cookies
A flaw was found in modauthopenidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. Missing input validation in the modauthopenidcsessionchunks cookie value can make the server vulnerable to a denial of service attack. This issue may allow a remote attacke...