| id: GO-2025-3371 |
| modules: |
| - module: github.com/h44z/wg-portal |
| non_go_versions: |
| - introduced: 2.0.0-alpha.1 |
| - fixed: 2.0.0-alpha.3 |
| vulnerable_at: 1.0.19 |
| summary: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover in github.com/h44z/wg-portal |
| ghsas: |
| - GHSA-2r2v-9pf8-6342 |
| references: |
| - advisory: https://github.com/h44z/wg-portal/security/advisories/GHSA-2r2v-9pf8-6342 |
| - fix: https://github.com/h44z/wg-portal/commit/62dbdfe0f96045d46e121d509fc181fbb7936895 |
| source: |
| id: GHSA-2r2v-9pf8-6342 |
| created: 2025-01-08T08:41:43.731247-10:00 |
| review_status: UNREVIEWED |