GHSA-FVCJ-HVFW-7F2V botframework-connector vulnerable to Improper Authentication

Impact A maliciously crafted claim may be incorrectly authenticated by the bot. Impacts bots that are not configured to be used as a Skill. This vulnerability requires an attacker to have internal knowledge of the bot. Patches The problem has been patched in all affected versions. Please see the...

PT-2021-1610 · Microsoft · Bot Framework Sdk

Name of the Vulnerable Software and Affected Versions: Bot Framework SDK versions prior to the fixed version Description: The vulnerability is related to the lack of protection of service data in the Bot Framework SDK. It may allow a remote attacker to gain unauthorized access to protected...