CVE

CVE-2023-28799

admin

CVE-2023-28799

A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain. 

Source: CVE-2023-28799

Exit mobile version