• caglararli@hotmail.com
  • 05386281520

CVE-2023-50708 | yii2-authclient up to 2.2.14 OAuth1/OAuth2/OpenID timing discrepancy

Çağlar Arlı      -    63 Views

CVE-2023-50708 | yii2-authclient up to 2.2.14 OAuth1/OAuth2/OpenID timing discrepancy

A vulnerability was found in yii2-authclient up to 2.2.14. It has been declared as problematic. This vulnerability affects unknown code of the component OAuth1/OAuth2/OpenID. The manipulation leads to observable timing discrepancy. This vulnerability was named CVE-2023-50708. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.