Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security vulnerability #53

Open
dreed12 opened this issue Jan 17, 2018 · 2 comments
Open

Security vulnerability #53

dreed12 opened this issue Jan 17, 2018 · 2 comments
Labels

Comments

@dreed12
Copy link

dreed12 commented Jan 17, 2018

ForgeRock's AM/OpenAM Security Advisory #201801 notes that a vulnerability that also affects the OpenAM 11.0.3 Community Edition has been discovered.

@dreed12 dreed12 added the bug label Jan 17, 2018
@FireBurn
Copy link
Contributor

As there's no access to the trunk / master branch and Forgerock have said they won't be releasing backported patches to the community edition I'm not sure how to fix this.

@FireBurn
Copy link
Contributor

I think the problem probably lies in openam-ui-ria/src/main/js/org/forgerock/openam/ui/user/login/AuthNDelegate.js the output must be different if the user exists compared to if it doesn't

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

No branches or pull requests

2 participants