2014-05-20 14:00:00
redhat
PUBLISHED
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.