Skip to content

Implementation trusts the "me" field returned by the authorization server without verifying it

Critical severity GitHub Reviewed Published Nov 19, 2020 in simonw/datasette-indieauth • Updated Sep 7, 2023

No open alerts for this advisory

Give feedback on Dependabot alerts