Security Advisory

CVE-2025-52924

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-19 00:00:00

Last updated 2025-07-23 15:16:29

Assigner mitre

State PUBLISHED

Description

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header.

← Browse all CVEs View on cve.org ↗