Tag

Sdk

1 brief RSS

Auth0.js SDK Improper Permission Checking Vulnerability

The Auth0.js SDK versions 8.11.0 to 9.32.0 improperly returns user profile information when provided a crafted invalid ID token, potentially bypassing access controls relying on Auth0 Actions.

auth0.js SDK auth0 sdk vulnerability authentication

2r 1t Jan 23, 2024