Ory Hydra has a SQL injection via forged pagination tokens
Following Admin APIs in Ory Hydra are vulnerable to SQL injection due to flaws in its pagination implementation: listOAuth2Clients listOAuth2ConsentSessions listTrustedOAuth2JwtGrantIssuers Pagination tokens are encrypted using the secret configured in secrets.pagination. If this value is not set, Hydra falls back to using secrets.system. An attacker who knows this secret can craft their own tokens, including malicious tokens that lead to SQL injection.