Product
An open redirect vulnerability exists in SigNoz through version 0.133.0 within its SSO authentication flow, affecting instances configured with Google OAuth, SAML, or OIDC. Unauthenticated attackers can exploit this by crafting a login URL with a malicious `ref` parameter pointing to an attacker-controlled host. By delivering this crafted URL to a victim, attackers can steal the victim's access and refresh tokens upon successful SSO authentication, leading to session compromise.