Tao Sauvage

**Name of the Vulnerable Software and Affected Versions** Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 **Description** The issue is related to command injection due to an outdated third-party library called `webbrowser`. This library is used by the Okta Advanced Server Access Client. To exploit this issue, an attacker would need to phish the user into entering an attacker-controlled server URL during enrollment. **Recommendations** For Okta Advanced Server Access Client versions 1.13.1 through 1.65.0, consider updating to a version that includes an updated `webbrowser` library to prevent command injection attacks. As a temporary workaround, restrict user enrollment to trusted server URLs to minimize the risk of exploitation.