CVE-2022-3145

An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL.
Configurations

Configuration 1 (hide)

cpe:2.3:a:okta:oidc_middleware:*:*:*:*:*:node.js:*:*

History

21 Nov 2024, 07:18

Type Values Removed Values Added
References () https://github.com/okta/okta-oidc-middleware/security/advisories/GHSA-58h4-9m7m-j9m4 - Third Party Advisory () https://github.com/okta/okta-oidc-middleware/security/advisories/GHSA-58h4-9m7m-j9m4 - Third Party Advisory
Summary
  • (es) Existe una vulnerabilidad de redireccionamiento abierto en Okta OIDC Middleware anterior a la versión 5.0.0 que permite a un atacante redirigir a un usuario a una URL arbitraria.

Information

Published : 2023-01-12 19:15

Updated : 2024-11-21 07:18


NVD link : CVE-2022-3145

Mitre link : CVE-2022-3145

CVE.ORG link : CVE-2022-3145


JSON object : View

Products Affected

okta

  • oidc_middleware
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')