Filtered by vendor Auth0
Subscriptions
Filtered by product Aspnet-owin
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-15121 | 1 Auth0 | 2 Aspnet, Aspnet-owin | 2024-08-05 | N/A |
| An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Affected packages do not use or validate the state parameter of the OAuth 2.0 and OpenID Connect protocols. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations. | ||||
Page 1 of 1.