Impact
Unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.
Patches
Users should upgrade to at least 6.3.x.
Workarounds
None.
Credit
Many thanks to Matthias Gerstner for finding this issue and for Alberto Planas for the fix.
For more information
If you have any questions or comments about this advisory:
Impact
Unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar.
Patches
Users should upgrade to at least 6.3.x.
Workarounds
None.
Credit
Many thanks to Matthias Gerstner for finding this issue and for Alberto Planas for the fix.
For more information
If you have any questions or comments about this advisory: