PT-2025-40019 · Corezoid · Corezoid

Published: 2025-09-30 · Updated: 2025-12-23 · CVE-2024-55017

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
Corezoid version 6.6.0

Description
An issue exists in the OAuth2 implementation of Corezoid that allows for account takeover. The vulnerability is due to an open redirect within the redirect_uri parameter. This allows attackers to intercept authorization codes and gain unauthorized access to victim accounts.

Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
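
For this weakness class, the general mitigation is exact-match validation of redirect_uri at the authorization endpoint, as the OAuth 2.0 security best current practice (RFC 9700) recommends. The sketch below is an added example, not Corezoid code and not part of the advisory; the client ID, URIs and function names are constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit

# Constructed client registry: hypothetical client ID and callback URI.
REGISTERED_REDIRECTS = {
    "demo-client": {"https://app.example.com/oauth/callback"},
}


def is_allowed_redirect(client_id: str, redirect_uri: str) -> bool:
    """Return True only if redirect_uri is exactly a URI registered for the client."""
    registered = REGISTERED_REDIRECTS.get(client_id)
    if not registered or not redirect_uri:
        return False
    # Exact string comparison: no prefix, substring or host-suffix matching,
    # and no normalisation that could make two different URIs compare equal.
    if redirect_uri not in registered:
        return False
    # Defence in depth against a badly registered value.
    parts = urlsplit(redirect_uri)
    return parts.scheme == "https" and not parts.fragment and parts.username is None


def authorize(client_id: str, redirect_uri: str, code: str, state: str):
    """Return (status, body_or_location) for the authorization response."""
    if not is_allowed_redirect(client_id, redirect_uri):
        # Never redirect to an unvalidated URI: the authorization code must
        # not leave the server. Render a local error page instead.
        return 400, "invalid redirect_uri"
    sep = "&" if urlsplit(redirect_uri).query else "?"
    return 302, redirect_uri + sep + urlencode({"code": code, "state": state})


# Constructed inputs that loose (prefix or substring) matching tends to accept.
REJECTED_SAMPLES = [
    "https://app.example.com.other.example/oauth/callback",
    "https://app.example.com/oauth/callback?next=https://other.example/",
    "https://app.example.com/oauth/callback/../open?url=https://other.example/",
    "http://app.example.com/oauth/callback",
]

if __name__ == "__main__":
    for uri in REJECTED_SAMPLES:
        print(authorize("demo-client", uri, "abc", "xyz"), uri)
    print(authorize("demo-client", "https://app.example.com/oauth/callback", "abc", "xyz"))
```

The same comparison has to be repeated at the token endpoint, where the redirect_uri sent with the code exchange must equal the one used in the authorization request.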

Weakness Enumeration: Open Redirect

Related Identifiers: CVE-2024-55017

Affected Products: Corezoid