Information Exposure Affecting identityserver3 Open this link in a new tab package, versions [2.0.0,2.6.1)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
18 Apr 2019
25 Jul 2018
How to fix?
Upgrade IdentityServer3 to version 2.6.1 or higher.
IdentityServer3 is a framework and a hostable component that allows implementing single sign-on and access control for modern web applications and APIs using protocols like OpenID Connect and OAuth2.
Affected versions of this package are vulnerable to Information Exposure due to a flaw in Angular expression on the authorise response page.