Implementation trusts the "me" field returned by the authorization server without verifying it
Critical severity
GitHub Reviewed
Published
Nov 19, 2020
in
simonw/datasette-indieauth
•
Updated Sep 7, 2023
Give feedback on Dependabot alerts