CVE

CVE-2020-5402

CVE-2020-5402

In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity providers.

Source: CVE-2020-5402

Exit mobile version