From 3d550b8321c980dd193660f9e9a6fb52fbbc95e0 Mon Sep 17 00:00:00 2001
From: Maria Khrustaleva <maria@cvat.ai>
Date: Wed, 28 Dec 2022 09:52:52 +0100
Subject: [PATCH 1/2] Fix vulnerability

---
 cvat/apps/engine/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cvat/apps/engine/views.py b/cvat/apps/engine/views.py
index 0c607e7f3d1a..aa3ecd1438b2 100644
--- a/cvat/apps/engine/views.py
+++ b/cvat/apps/engine/views.py
@@ -251,12 +251,12 @@ def plugins(request):
     def advanced_authentication(request):
         use_social_auth = settings.USE_ALLAUTH_SOCIAL_ACCOUNTS
         integrated_auth_providers = settings.SOCIALACCOUNT_PROVIDERS.keys() if use_social_auth else []
-        google_auth_is_enabled = (
+        google_auth_is_enabled = bool(
             'google' in integrated_auth_providers
             and settings.SOCIAL_AUTH_GOOGLE_CLIENT_ID
             and settings.SOCIAL_AUTH_GOOGLE_CLIENT_SECRET
         )
-        github_auth_is_enabled = (
+        github_auth_is_enabled = bool(
             'github' in integrated_auth_providers
             and settings.SOCIAL_AUTH_GITHUB_CLIENT_ID
             and settings.SOCIAL_AUTH_GITHUB_CLIENT_SECRET

From bd1f3ff44f122b5e0f3db4dd3de4470d7589a8c7 Mon Sep 17 00:00:00 2001
From: Maria Khrustaleva <maria@cvat.ai>
Date: Wed, 28 Dec 2022 11:02:10 +0100
Subject: [PATCH 2/2] Update changelog

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2bf82b1b731b..cb2098b0aa35 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,7 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Helm: Empty password for Redis (<https://github.com/opencv/cvat/pull/5520>)
 
 ### Security
-- TDB
+- Fixed vulnerability with social authentication (<https://github.com/opencv/cvat/pull/5521>)
 
 ## \[2.3.0] - 2022-12-22
 ### Added