VYPR

apifest-oauth20

by ApiFest

CVEs (1)

  • CVE-2020-26877MedJun 29, 2022
    risk 0.40cvss 6.1epss 0.01

    ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking…