Insufficient Verification Of Data Authenticity
org.wildfly:wildfly-elytron-oidc-client-subsystem is vulnerable to authorization code injection. The vulnerability is due to improper session handling that allows an attacker to inject a stolen authorization code into their own session with a victim's identity, typically through a Man-in-the-Midd...