Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2019-3876: Invalid Bug ID

A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.

CVE
#xss#csrf#vulnerability#java#oauth#auth

‘CVE-2019-3876?cve=title’ is not a valid bug number nor an alias to a bug.

Please press Back and try again.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907