RSS   Podatności dla 'Oidc op'   RSS

2022-02-04
 
CVE-2022-24129

CWE-918
 

 
The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.

 

 >>> Vendor: Shibboleth 8 Produkty
Identity provider
Service provider
Opensaml
Shibboleth-sp
Shibboleth-identity-provider
Opensaml java
Identify provider
Oidc op


Copyright 2024, cxsecurity.com

 

Back to Top