CSRF protection on user_oidc login returned the expected token in case of an error
Moderate
nickvergessen
published
GHSA-52hv-xw32-wf7f
Apr 4, 2023
Package
user_oidc
(Nextcloud)
Affected versions
>= 1.0.0
Patched versions
1.3.0
Description
Impact
This effectively allowed an attacker to bypass the state protection as they could just copy the expected state token from the first request to their second request.
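A minimal model of the flaw class described above, added here as an illustration and not code from user_oidc: the OIDC callback compares the `state` parameter against the value stored in the session, and the only difference between the two variants is whether the error response echoes the expected token. The session dict, class and function names are hypothetical.

```python
import hmac
import secrets


class OidcLoginFlow:
    """Toy model of the OIDC state (CSRF) check; the session is a plain dict."""

    def __init__(self, leak_expected_state: bool):
        # True models the flaw the advisory describes (expected token echoed
        # back in the error); False is the hardened behaviour.
        self.leak_expected_state = leak_expected_state

    def start_login(self, session: dict) -> str:
        # Fresh unguessable state per login attempt, bound to this session.
        state = secrets.token_urlsafe(32)
        session["oidc_state"] = state
        # Hypothetical identity-provider URL, for illustration only.
        return f"https://idp.example/authorize?state={state}"

    def callback(self, session: dict, received_state: str) -> dict:
        # Pop rather than get: the state is single-use whatever the outcome,
        # so a second request cannot reuse a token from a failed first one.
        expected = session.pop("oidc_state", None)
        if expected is not None and hmac.compare_digest(expected, received_state):
            return {"ok": True, "error": None}
        if self.leak_expected_state:
            # Vulnerable: the error reveals exactly the value the check wants.
            return {"ok": False, "error": f"state mismatch, expected {expected}"}
        # Hardened: generic message, nothing about the expected value.
        return {"ok": False, "error": "state mismatch"}


def error_leaks_state(flow: OidcLoginFlow) -> bool:
    """Check a practitioner can run: does a failed callback disclose the token?"""
    session: dict = {}
    flow.start_login(session)
    expected = session["oidc_state"]
    resp = flow.callback(session, "not-the-right-state")
    return expected in (resp["error"] or "")
```

The check also confirms that a failed callback consumes the stored state, so even a disclosed token cannot complete the login on a later request.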
Patches
It is recommended that user_oidc be upgraded to 1.3.0.
Workarounds
No workaround available
References
Are there any links users can visit to find out more?