-
## What is missing or needs to be updated?
The current Mobile Application Security Cheat Sheet lacks specific guidance on securing app functionality that could be accessed when an iOS/iPadOS device i…
-
We received a [request tracker ticket ](https://rt.camdsupport.com/rt/Ticket/Display.html?id=75287) asking about the use of the ECMPS 2.0 API. A bearer token is required to use any of the API endpoin…
-
**Which version of Microsoft.IdentityModel are you using?**
Note that to get help, you need to run the latest version.
**Where is the issue?**
* [X] M.IM.JsonWebTokens
* [ ] M.IM.KeyVaultEx…
-
# Acceptance Criteria
* Authentication tokens can be represented by "remember me" (database state) or PHP sessions
* All authentication tokens are expired when a password is changed or reset (re…
-
### ⚠️ Please verify that this question has NOT been raised before.
- [X] I checked and didn't find similar issue
### 🛡️ Security Policy
- [X] I agree to have read this project [Security Poli…
-
Hello,
I'm a security research. I perform a security testing on open-source projects for free.
**Bug**
1. Users can create a username with a space in it. For example "tester" and " tester". How…
-
That's an issue that keep me digging for at least 3days now. Any help will be welcome:
If design token file on component level with some breakpoints exeptions so I end up with this kind of case:
…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0xfa88e2d7539668bbc84705cfdda1ebf36cd9870ab3da4c1f0b2f580dacbe53cd
**Severity:** medium
**Description:**
**Descriptio…
-
* **I'm submitting a ...**
Bug report
* **What is the current behavior and expected behavior?**
When trying to send tokens from a **nested proxy account** (proxy_1 controlled by proxy_0), the…
-
### There seems to be a slight mixup between
- security policies (None, Basic256Sha256, Aes128Sha256RsaOaep, Aes256Sha256RsaPss)
- supported UserTokenTypes (Anonymous, UserName, Certificate, IssuedT…