CVE-2024-6535: Skupper Console Vulnerability - Bypassing Authentication with a Specially-Crafted Cookie
A newly discovered vulnerability, identified as CVE-2024-6535, affects Skupper, a popular service-networking solution that delivers secure communication capabilities at the application layer. This vulnerability may
CVE-2023-48280: Missing Authorization Vulnerability in Consensu.IO - Exploit Details, Code Snippets, and Original References
A recently discovered vulnerability, CVE-2023-48280, exposes a Missing Authorization issue in the software package Consensu.IO, which may lead to potential exploits by malicious actors.
CVE-2023-47845: Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang's Grab & Save affecting versions up to 1..4
Introduction:
A recent vulnerability has been discovered in Lim Kai Yang's Grab & Save. This post will provide an in-depth analysis of the
CVE-2024-4540: Information Disclosure Vulnerability in Keycloak OAuth 2.0 Pushed Authorization Requests (PAR)
In this extensive post, we will discuss a vulnerability that was recently discovered in Keycloak, a popular open-source Identity and Access Management solution. The vulnerability,
CVE-2024-27083 - Critical XSS Vulnerability Discovered in Flask-AppBuilder's OAuth Login Page
A serious security vulnerability has been identified in Flask-AppBuilder, a popular application development framework built on top of Flask. This vulnerability, identified as CVE-2024-27083, is