Vulnerabilities > Oauth2 Server Project

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | ATTACK COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-08-29 | CVE-2020-26938 | Open Redirect vulnerability in Oauth2-Server Project Oauth2-Server | In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. | network | low complexity | oauth2-server-project | CWE-601 | 7.2 |
| 2020-10-04 | CVE-2017-18924 | Code Injection vulnerability in Oauth2-Server Project Oauth2-Server | oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. | network | low complexity | oauth2-server-project | CWE-94 | 7.5 |