Description
An open redirect vulnerability exists in Okta OIDC Middleware versions prior to 5.0.0, allowing an attacker to redirect a user to an arbitrary URL.
Remediation
References
https://github.com/okta/okta-oidc-middleware/security/advisories/GHSA-58h4-9m7m-j9m4