High severity7.7NVD Advisory· Published Sep 14, 2025· Updated Apr 15, 2026
CVE-2025-59363
CVE-2025-59363
Description
In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),
Affected products
1- Range: <2025.3.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.