CVE-2022-0916 – Broken authentication on Logitech Options due to misvalidation of Oauth state parameter

https://notcve.org/view.php?id=CVE-2022-0916

An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations. Se ha detectado un problema en Logitech Options. El parámetro de estado de OAuth 2.0 no es comprobado apropiadamente. • https://support.logi.com/hc/en-us/articles/360025297893 • CWE-287: Improper Authentication CWE-352: Cross-Site Request Forgery (CSRF) •