Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
authentik has an insecure default configuration for OAuth2 Redirect URIs
Vulnerability Description
authentik is an open-source identity provider. Redirect URIs in the OAuth2 provider in authentik are checked by RegEx comparison. When no Redirect URIs are configured in a provider, authentik will automatically use the first redirect_uri value received as an allowed redirect URI, without escaping characters that have a special meaning in RegEx. Similarly, the documentation did not take this into consideration either. Given a provider with the Redirect URIs set to https://foo.example.com, an attacker can register a domain fooaexample.com, and it will correctly pass validation. authentik 2024.8.5 and 2024.10.3 fix this issue. As a workaround, When configuring OAuth2 providers, make sure to escape any wildcard characters that are not intended to function as a wildcard, for example replace `.` with `\.`.
CVSS Information
N/A
Vulnerability Type
不正确的正则表达式
Vulnerability Title
authentik 安全漏洞
Vulnerability Description
authentik是authentik开源的一个开源身份提供应用程序。 authentik存在安全漏洞,该漏洞源于存在OAuth2重定向URI的不安全默认配置,从而导致攻击者可获取不应有的权限或进行恶意操作。
CVSS Information
N/A
Vulnerability Type
N/A