OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps The Hacker Newsinfo@thehackernews.com (The Hacker News)

A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC) application client secrets under certain circumstances.
The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0. It has been described as a case of A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC) application client secrets under certain circumstances.
The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0. It has been described as a case of

In The News

Tech Jacks
Derrick Jackson is a IT Security Professional with over 10 years of experience in Cybersecurity, Risk, & Compliance and over 15 Years of Experience in Enterprise Information Technology

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps The Hacker [email protected] (The Hacker News)

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps The Hacker [email protected] (The Hacker News)

Share this:

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog