Vulnerabilities > Okta > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-0392 | Unquoted Search Path or Element vulnerability in Okta Ldap Agent The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution. | 6.7 |
| 2023-07-20 | CVE-2021-45094 | Cross-site Scripting vulnerability in Okta Imprivata Privileged Access Management 2.3.202112051108 Imprivata Privileged Access Management (formally Xton Privileged Access Management) 2.3.202112051108 allows XSS. | 5.4 |
| 2023-01-12 | CVE-2022-3145 | Open Redirect vulnerability in Okta Oidc Middleware An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL. | 4.7 |