CVE-2025-59363

7.7HIGH

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

Publicado: 9/14/2025Actualizado: 9/15/2025
Ver en NVDVer en MITRE

Descripción

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

Análisis IAImpulsado por IA

Referencias