Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security Software Pvt Ltd. OAuth Single Sign On - SSO (OAuth Client) allows Password Recovery Exploitation. This issue affects OAuth Single Sign On - SSO (OAuth Client): from n/a through 38.5.8.
Problem types
CWE-288 Authentication Bypass Using an Alternate Path or Channel
Product status
Any version
Credits
Kim Dvash | Patchstack Bug Bounty Program
References
patchstack.com/...ken-authentication-vulnerability?_s_id=cve