By Jason Macy | Date posted: May 23, 2018
Last month, another major identity management vendor revealed a significant vulnerability. This time it was Auth0.
While conducting its own research, Cinta Infinita discovered the vulnerability in Auth0’s Legacy Lock API. The security firm noted it “was able to bypass password authentication when logging into Auth0’s Management Dashboard by forging an authentication token.”