CVE-2022-3145
CVE-2022-3145 affects Okta OIDC Middleware before 5.0.0. The root cause is an open redirect due to insufficient validation of redirect URLs in the authentication flow (e.g., ensureAuthenticated). This enables an attacker to redirect users to arbitrary, attacker-controlled URLs after login. Remedi...