CVE-2024-1440

Name of the Vulnerable Software and Affected Versions WSO2 products (affected versions not specified)

Description An open redirection issue exists due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. This allows a malicious actor to craft a valid link that redirects users to an attacker-controlled site, potentially enabling phishing attacks to harvest sensitive information or perform other harmful actions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.