Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Microsoft Azure Active Directory Passport (aka Passport-Azure-AD) library 1.x before 1.4.6 and 2.x before 2.0.1 for Node.js does not recognize the validateIssuer setting, which allows remote attackers to bypass authentication via a crafted token.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Passport-Azure-AD for Node.js库安全漏洞
Vulnerability Description
Microsoft Azure Active Directory Passport(又名Passport-Azure-AD)library for Node.js是美国微软(Microsoft)公司的一个使用了Node.js(网络应用平台)的Passport策略库(集合),它用于帮助将节点应用程序与Windows Azure Active Directory(提供了云端的身份和访问管理的服务)集成,包括OpenID Connect、WS-Federation和SAML-P身份验证和授权等程序。 Micro
CVSS Information
N/A
Vulnerability Type
N/A