Versions in this module
v1
Dec 20, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Oct 19, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Oct 19, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Oct 18, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Aug 24, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jul 29, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jul 18, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jul 7, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jun 21, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jun 7, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Jun 1, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 24, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 20, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 11, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 5, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 29, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 28, 2022 GO-2024-2637 +12 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 4, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 3, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 2, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 29, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 29, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 28, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 28, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 27, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 27, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 27, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 16, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 13, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 13, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 13, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 11, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 10, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 9, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
May 6, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel
Apr 27, 2022 GO-2024-2637 +13 more
GO-2024-2637: Account Takeover via Session Fixation in Zitadel [Bypassing MFA] in github.com/zitadel/zitadel
GO-2024-2655: XSS in github.com/zitadel/zitadel
GO-2024-2664: ZITADEL's actions can overload reserved claims in github.com/zitadel/zitadel
GO-2024-2665: ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass in github.com/zitadel/zitadel
GO-2024-2788: ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass in github.com/zitadel/zitadel
GO-2024-2804: Zitadel exposing internal database user name and host information in github.com/zitadel/zitadel
GO-2024-2968: ZITADEL Vulnerable to Session Information Leakage in github.com/zitadel/zitadel
GO-2024-3014: ZITADEL "ignoring unknown usernames" vulnerability in github.com/zitadel/zitadel
GO-2024-3015: ZITADEL has improper HTML sanitization in emails and Console UI in github.com/zitadel/zitadel
GO-2024-3137: ZITADEL's User Grant Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3138: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation in github.com/zitadel/zitadel
GO-2024-3139: ZITADEL's Service Users Deactivation not Working in github.com/zitadel/zitadel
GO-2024-3216: Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
GO-2024-3217: User Registration Bypass in Zitadel in github.com/zitadel/zitadel