Description
ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter.
References (5)
Release Notes, Third Party Advisory (x_refsource_misc): https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk
Exploit, Third Party Advisory (x_refsource_misc): https://www.youtube.com/watch?v=RIyZLeKEC8E
Release Notes, Third Party Advisory (x_refsource_misc): https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06
Exploit, Issue Tracking, Third Party Advisory (x_refsource_misc): https://hackerone.com/reports/456333
Patch, Third Party Advisory (x_refsource_misc): https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3
Scores
CVSS v3: 6.1
CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector: NETWORK
EPSS: 0.0032
EPSS Percentile: 55.3%
Details
CWE: CWE-79
Status: published
Products (42)
ory/hydra 0.1 beta1 (4 CPE variants)
ory/hydra 0.2.0
ory/hydra 0.3.0
ory/hydra 0.3.1
ory/hydra 0.4.0
ory/hydra 0.4.1
ory/hydra 0.4.2 (6 CPE variants)
ory/hydra 0.4.3
ory/hydra 0.5.0
ory/hydra 0.5.1
... and 32 more
Published: Feb 17, 2019
Tracked Since: Feb 18, 2026