CVE-2026-33525
- EPSS 0.05%
- Veröffentlicht 26.03.2026 19:22:57
- Zuletzt bearbeitet 02.04.2026 18:20:55
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the A...
CVE-2025-24806
- EPSS 0.12%
- Veröffentlicht 19.02.2025 18:15:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treat...
- EPSS 0.47%
- Veröffentlicht 28.05.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 06:07:25
Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mecha...
CVE-2021-29456
- EPSS 0.15%
- Veröffentlicht 21.04.2021 19:15:35
- Zuletzt bearbeitet 21.11.2024 06:01:08
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able...