CVE ID : CVE-2021-35473
Published : Nov. 10, 2024, 11:15 p.m. | 1 hour, 1 minute ago
Description : An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…