CVE-2022-3145
URL Redirection to Untrusted Site ('Open Redirect') in npm/@okta/oidc-middleware
Identifiers
CVE-2022-3145, GHSA-58h4-9m7m-j9m4
Package Slug
npm/@okta/oidc-middleware
Vulnerability
URL Redirection to Untrusted Site ('Open Redirect')
Description
An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL.
Affected Versions
All versions before 5.0.0
Solution
Upgrade to version 5.0.0 or above.
Last Modified
2023-01-23
| source |