VYPR

Plugin Auth Backend

by Backstage

Source repositories

CVEs (1)

  • CVE-2026-32235Mar 12, 2026
    risk 0.00cvss epss 0.00

    Backstage is an open framework for building developer portals. Prior to 0.27.1, the experimental OIDC provider in @backstage/plugin-auth-backend is vulnerable to a redirect URI allowlist bypass. Instances that have enabled experimental Dynamic Client Registration or Client ID…