296,480
Total vulnerabilities in the database
In applications built with the Auth0-PHP SDK, the Bulk User Import endpoint does not validate the file path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths or URLs.
You are affected by this vulnerability if you meet the following preconditions:
Upgrade Auth0/symfony to version 5.5.0 or greater.
Okta would like to thank Mohamed Amine Saidani (pwni) for discovering this vulnerability.