Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Glewlwyd SSO server 授权问题漏洞
Vulnerability Description
Glewlwyd SSO server是一个用于 OAuth2 和 OpenID Connect 身份验证的多因素身份验证的单点登录 (SSO) 服务器。 Glewlwyd SSO server 2.0.0存在安全漏洞,该漏洞源于不正确的访问控制。一个用户可以在没有密码的情况下尝试以另一个用户身份登录。
CVSS Information
N/A
Vulnerability Type
N/A