Vulnerabilities > Okta > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-08 CVE-2023-0392 Unquoted Search Path or Element vulnerability in Okta Ldap Agent
The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution.
local
low complexity
okta CWE-428
6.7
2023-07-20 CVE-2021-45094 Cross-site Scripting vulnerability in Okta Imprivata Privileged Access Management 2.3.202112051108
Imprivata Privileged Access Management (formally Xton Privileged Access Management) 2.3.202112051108 allows XSS.
network
low complexity
okta CWE-79
5.4
2023-01-12 CVE-2022-3145 Open Redirect vulnerability in Okta Oidc Middleware
An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL.
network
low complexity
okta CWE-601
4.7