Vulnerabilities > Shibboleth > Oidc OP > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2022-24129 Server-Side Request Forgery (SSRF) vulnerability in Shibboleth Oidc OP
The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter.
network
low complexity
shibboleth CWE-918
6.4