1 results (0.004 seconds)

CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0

The Identity Server used by 1E Platform could enable URL redirection to untrusted sites. Note: The Identity Server on 1E Platform has been updated with the necessary patch. The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users. Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix. • https://www.1e.com/trust-security-compliance/cve-info •