
Lowaeneasr

#31840 of 53,632
8 Total CVSS
Vulnerabilities · 1
PT-2020-14290
8.0
2020-09-24
Ory · Ory Fosite · CVE-2020-15223
**Name of the Vulnerable Software and Affected Versions**
ORY Fosite versions prior to 0.34.0

**Description**
The issue arises from improper error handling in the `TokenRevocationHandler`, which ignores errors returned by the storage backend. As a result, the revocation endpoint can answer with an unexpected 200 status code indicating successful revocation while the token remains valid. Exploitation depends on an attacker being able to trigger errors in the underlying storage.

**Recommendations**
For versions prior to 0.34.0, update to version 0.34.0 to resolve the issue. As a temporary workaround, consider adding error handling around the `TokenRevocationHandler` so that storage failures are not reported as a 200 status code. Restrict access to the token revocation endpoint to minimize the risk of exploitation until the update is applied.
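To illustrate the error-swallowing pattern the advisory describes, the following is an added Go example (illustrative code, not Fosite's own; the `RevocationStorage` interface, `memStore` and both handler functions are hypothetical names) showing the flawed handler beside a hardened one that propagates storage failures as a 503 instead of a false 200.

```go
package main

import (
	"errors"
	"fmt"
)

// RevocationStorage is a hypothetical backend interface (not Fosite's real API).
type RevocationStorage interface {
	RevokeAccessToken(signature string) error
	IsActive(signature string) bool
}
// memStore is a constructed in-memory token store; with failing set, every
// write is rejected, standing in for a database outage or rejected query.
type memStore struct {
	active  map[string]bool
	failing bool
}

func (s *memStore) RevokeAccessToken(sig string) error {
	if s.failing {
		return errors.New("storage: connection refused")
	}
	delete(s.active, sig)
	return nil
}
func (s *memStore) IsActive(sig string) bool { return s.active[sig] }

// revokeIgnoringErrors mirrors the flaw described in the advisory: the storage
// error is discarded, so the endpoint answers 200 while the token stays active.
func revokeIgnoringErrors(s RevocationStorage, sig string) int {
	_ = s.RevokeAccessToken(sig) // error dropped
	return 200
}

// revokePropagatingErrors is the hardened form: a failed write yields 503 (RFC 7009's
// status for an unavailable revocation endpoint), so a client never mistakes failure for success.
func revokePropagatingErrors(s RevocationStorage, sig string) (int, error) {
	if err := s.RevokeAccessToken(sig); err != nil {
		return 503, fmt.Errorf("revocation not persisted: %w", err)
	}
	return 200, nil
}

func main() {
	s := &memStore{active: map[string]bool{"tok1": true}, failing: true}
	fmt.Println(revokeIgnoringErrors(s, "tok1"), s.IsActive("tok1")) // 200 true
	code, err := revokePropagatingErrors(s, "tok1")
	fmt.Println(code, err, s.IsActive("tok1")) // 503 revocation not persisted: storage: connection refused true
}
```

The same pattern applies to any endpoint whose success response must reflect a persisted state change: a dropped storage error turns a failed write into a claimed success.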