CVE-2024-10318
Summary of CVE-2024-10318: A session-fixation vulnerability in the NGINX OpenID Connect reference implementation arises from nonce validation being skipped at login. This allows an attacker to coerce a victim’s session to an attacker-controlled account, enabling potential misuse of the victim’s s...