Description
An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0, allowing an attacker to redirect a user to an arbitrary URL.
Remediation
References
https://github.com/okta/okta-oidc-middleware/security/advisories/GHSA-58h4-9m7m-j9m4