Alerts Events DCR

Go to listing page

Critical Vulnerability in OneLogin AD Connector Enables JWT Forgery and Cross-Tenant Account Takeovers

A critical vulnerability in OneLogin’s AD Connector exposed enterprise authentication systems to severe risk. The flaw allowed attackers to obtain credentials, impersonate users, and access sensitive applications by forging JSON Web Tokens (JWTs).

OneLogin
Active Directory Connector
JWT Forgery
Identity and Access Management
Authentication Bypass

Publisher