[Openid-specs-ab] detailed error messages
Tom Jones
thomasclinganjones at gmail.com
Wed Sep 3 04:29:38 UTC 2025
I have tried to tell various parts of OIDF to avoid detailed error
messages, but those warnings have been ignored. Perhaps this will change
your minds?
BM--Security Verify Governance Identity Manager IBM Security Verify
Governance Identity Manager 10.0.2 could allow a remote attacker to obtain
sensitive information when detailed technical error messages are returned.
This information could be used in further attacks against the system.
2025-08-28 7.5 CVE-2025-36003
<https://www.cve.org/CVERecord?id=CVE-2025-36003>
Peace ..tom jones
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250902/0fd63ace/attachment.htm>
More information about the Openid-specs-ab
mailing list