CVE-2024-2321 | WSO2 API Manager/Identity Server Refresh Token authorization

Inserito da Angelo Barbosa | Feb 27, 2025 | CVE

A vulnerability was found in WSO2 API Manager and Identity Server and classified as problematic. Affected by this issue is some unknown functionality of the component Refresh Token Handler. The manipulation leads to incorrect authorization.

This vulnerability is handled as CVE-2024-2321. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-2321 | WSO2 API Manager/Identity Server Refresh Token authorization

Post correlati

CVE-2024-5468 | Header Builder Plugin up to 1.3.7 on WordPress Site Options authorization

CVE-2024-27918 | Coder OIDC Authentication improper authentication

CVE-2024-6684 | GST Electronics inohom Nova Panel N7 up to 1.9.9.6 authentication bypass

CVE-2025-27143 | better-auth up to 1.1.19 callbackURL redirect (GHSA-8jhw-6pjj-8723)