2025-07-19 00:00:00
mitre
PUBLISHED
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header.