Описание
In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),
EPSS
Процентиль: 17%
0.00056
Низкий
7.7 High
CVSS3
Дефекты
CWE-669
Связанные уязвимости
CVSS3: 7.7
github
5 месяцев назад
In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),
EPSS
Процентиль: 17%
0.00056
Низкий
7.7 High
CVSS3
Дефекты
CWE-669