Security Advisory

CVE-2025-59363

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-14 00:00:00
Last updated 2025-09-15 15:57:12
Assigner mitre
State PUBLISHED

Description

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),