Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2021-32792

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when using `OIDCPreservePost On`.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://github.com/zma...
MISC: https://github.com/zma...
MISC: https://github.com/zma...
MISC: https://github.com/zma...
FEDORA: FEDORA-2021-17f5cedf66
FEDORA: FEDORA-2021-e3017c538a
MISC: https://www.oracle.com...
MLIST: [debian-lts-announce] ...

Launchpad.net

CVE 2021-32792

Related bugs

References