PT-2018-17795 · Auth0 · Auth0
Published: 2018-04-04 · Updated: 2018-11-06 · CVE-2018-6874
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Auth0 authentication service through 14591
Description
A CSRF issue exists in the Auth0 authentication service when the Legacy Lock API flag is enabled.
Recommendations
For versions through 14591, disable the Legacy Lock API flag to mitigate the issue.
Fix
CSRF
Weakness Enumeration
Related Identifiers
Affected Products
Auth0