Description
The OpenID Connect server implementation for MITREid Connect through 1.3.3 is vulnerable to a Server Side Request Forgery (SSRF) vulnerability. The vulnerability arises due to unsafe usage of the logo_uri parameter in the Dynamic Client Registration request. An unauthenticated attacker can make a HTTP request from the vulnerable server to any address in the internal network and obtain its response (which might, for example, have a JavaScript payload for resultant XSS).
Remediation
Upgrade to the latest version of MITREid Connect
References
Related Vulnerabilities
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.27)
WordPress Plugin wpForo Forum Multiple Vulnerabilities (2.1.7)
WordPress 3.7.4 Multiple Vulnerabilities (3.7 - 3.7.4)
WordPress Plugin Canto Multiple Server-Side Request Forgery Vulnerabilities (1.7.0)
WordPress Plugin HTTP Headers Multiple Vulnerabilities (1.9.1)