PT-2024-40159 · Laravel · Laravel/Socialite
Published
2024-05-15
·
Updated
2024-05-15
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
laravel/socialite versions prior to 2.0.10
Description:
The issue is related to state guessing during OAuth authentication, which could potentially lead to session hijacking, allowing attackers to compromise user sessions.
Recommendations:
For versions prior to 2.0.10, update to version 2.0.10 to resolve the issue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Laravel/Socialite