EPSS
Percentile
45.1%
github.com/pusher/oauth2_proxy is vulnerable to open redirection. Lack of validation in the redirect_url parameter allows an attacker to redirect a user to a malicious website and potentially steal the user’s authentication tokens.
redirect_url
github.com/pusher/oauth2_proxy/commit/a316f8a06f3c0ca2b5fc5fa18a91781b313607b2
github.com/pusher/oauth2_proxy/releases/tag/v5.0.0
github.com/pusher/oauth2_proxy/security/advisories/GHSA-qqxw-m5fj-f7gv