0.003 Low
EPSS
Percentile
68.8%
spring-security-oauth2 is vulnerable to open redirection. A remote attacker is able to modify the redirect_uri parameter and redirect users to a malicious site to steal confidential information such as authorization code, username and password.
redirect_uri
packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html
pivotal.io/security/cve-2019-11269
www.oracle.com/security-alerts/cpujan2021.html