246 matches found

NVD
added 2026/02/02 11:16 p.m., 7 views

CVE-2026-25221

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...

CVSS 8.1, EPSS 0.00203
Exploits 1, References 2
Cvelist
added 2026/02/02 10:59 p.m., 27 views

CVE-2026-25221 PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery CSRF. The application fails to implement and verify the state parameter during the...

CVSS 2.3, EPSS 0.00203
Exploits 1, References 2
Cvelist
added 2026/02/02 9:16 p.m., 27 views

CVE-2025-69207 Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

CVSS 5.4, EPSS 0.00361
Exploits 1, References 3
Vulnrichment
added 2026/02/02 9:16 p.m., 3 views

CVE-2025-69207 Khoj has an IDOR in Notion OAuth Flow Enables Index Poisoning

Khoj is a self-hostable artificial intelligence app. Prior to 2.0.0-beta.23, an IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was...

CVSS 5.4, AI score 5.6, EPSS 0.00361
Exploits 1, References 3
OSV
added 2026/02/02 5:31 p.m., 4 views

GHSA-6WHJ-7QMG-86QJ Khoj has an IDOR in Notion OAuth Flow that Enables Index Poisoning

Summary: An IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion...

CVSS 5.4, AI score 5.7, EPSS 0.00361
Exploits 1, References 5
Github Security Blog
added 2026/02/02 5:31 p.m., 5 views

Khoj has an IDOR in Notion OAuth Flow that Enables Index Poisoning

Summary: An IDOR in the Notion OAuth callback allows an attacker to hijack any user's Notion integration by manipulating the state parameter. The callback endpoint accepts any user UUID without verifying the OAuth flow was initiated by that user, allowing attackers to replace victims' Notion...

CVSS 7.1, AI score 5.6, EPSS 0.00361
Exploits 1, References 5, Affected Software 1
CNNVD
added 2026/02/02 12:00 a.m., 7 views

PolarLearn Cross-Site Request Forgery Vulnerability

PolarLearn is an online learning platform developed by PolarNL as open source. Versions of PolarLearn prior to 0-PRERELEASE-15 contained a cross-site request forgery vulnerability. This vulnerability stemmed from the lack of validation of the state parameter in the OAuth 2.0 implementation, whic...

CVSS 8.1, AI score 5.7, EPSS 0.00203
Exploits 1, References 2
Vulnrichment
added 2026/01/26 10:21 p.m., 4 views

CVE-2026-24408 sigstore has CSRF possibility in OIDC authentication during signing

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. OAuthSession creates a unique "state" and sends it as a parameter in the authentication request bu...

AI score 5.9, EPSS 0.00158
Exploits 0, References 3
ATTACKERKB
added 2026/01/26 10:21 p.m., 6 views

CVE-2026-24408

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. OAuthSession creates a unique "state" and sends it as a parameter in the authentication request bu...

AI score 5.9, EPSS 0.00158
Exploits 0, References 4, Affected Software 1
OSV
added 2026/01/26 9:34 p.m., 5 views

GHSA-HM8F-75XX-W2VR sigstore CSRF possibility in OIDC authentication during signing

Summary: The sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. Details: OAuthSession creates a unique "state" and sends it as a parameter in the authentication request, but the "state" in the server response seems not to be cross-checked with this value. Fix...

AI score 5.9, EPSS 0.00158
Exploits 0, References 5
Github Security Blog
added 2026/01/26 9:34 p.m., 9 views

sigstore CSRF possibility in OIDC authentication during signing

Summary: The sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. Details: OAuthSession creates a unique "state" and sends it as a parameter in the authentication request, but the "state" in the server response seems not to be cross-checked with this value. Fix...

CVSS 5, AI score 5.9, EPSS 0.00158
Exploits 0, References 5, Affected Software 1
RedhatCVE
added 2025/12/20 5:02 a.m., 6 views

CVE-2025-14546

Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the getloginurl method allows for state generation, it does not persist the state or bind it to...

CVSS 6.9, AI score 6.9, EPSS 0.00311
Exploits 0, References 1
OSV
added 2025/12/19 6:30 a.m., 7 views

GHSA-HP6R-R9VC-Q8WX FastAPI SSP is vulnerable to Cross-site Request Forgery (CSRF) through improper OAuth parameter validation

Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the getloginurl method allows for state generation, it does not persist the state or bind it to...

CVSS 6.9, AI score 6.8, EPSS 0.00311
Exploits 0, References 5
EUVD
added 2025/12/19 6:30 a.m., 4 views

EUVD-2025-204438

FastAPI SSP is vulnerable to Cross-site Request Forgery CSRF through improper OAuth parameter validation...

CVSS 6.9, AI score 6.5, EPSS 0.00311
Exploits 0, References 4
Github Security Blog
added 2025/12/19 6:30 a.m., 10 views

FastAPI SSP is vulnerable to Cross-site Request Forgery (CSRF) through improper OAuth parameter validation

Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the getloginurl method allows for state generation, it does not persist the state or bind it to...

CVSS 6.9, AI score 6.9, EPSS 0.00311
Exploits 0, References 5, Affected Software 1
Positive Technologies
added 2025/12/19 12:00 a.m., 6 views

PT-2025-52412

Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the get login url method allows for state generation, it does not persist the state or bind it ...

CVSS 6.9, AI score 6.9, EPSS 0.00311
Exploits 0, References 4
NVD
added 2025/12/05 11:15 p.m., 5 views

CVE-2025-66629

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the respon...

CVSS 4.3, EPSS 0.00086
Exploits 0, References 2
Cvelist
added 2025/12/05 10:47 p.m., 21 views

CVE-2025-66629 HedgeDoc is missing state parameter in OAuth2 flows could lead to CSRF

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the respon...

CVSS 3.7, EPSS 0.00086
Exploits 0, References 2
OSV
added 2025/12/05 10:47 p.m., 7 views

CVE-2025-66629 HedgeDoc is missing state parameter in OAuth2 flows could lead to CSRF

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the respon...

CVSS 3.7, AI score 6.7, EPSS 0.00086
Exploits 0, References 4
CNNVD
added 2025/11/24 12:00 a.m., 17 views

Security Vulnerability in Multiple Tuya Products

Tuya Android SDK and others are products of Tuya China. Tuya Android SDK is a software development kit. Tuya iOS SDK is a software development kit. Tuya Smart App is a smart app. A security vulnerability exists in several Tuya products, which stems from an unvalidated state parameter in the OAuth...

CVSS 8.8, AI score 6.5, EPSS 0.00137
Exploits 0, References 3