Total vulnerabilities in the database
The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users.
Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix.
| Software | From | Fixed in |
|---|---|---|
| 1e / platform | 24.7 | 24.7.x |
| 1e / platform | 23.11.1.15 | 23.11.1.15.x |
| 1e / platform | 23.7.1.80 | 23.7.1.80.x |
| 1e / platform | 8.4.1.229 | 8.4.1.229.x |