fliespl
commented
3 years ago @DeChaun From what I see - it's not really a security fix, but simply a bug fix.
It failed to allow redirectUri under certain scenario, but it should (not the other way around - that's why it's not security fix).
deguif
Hi there
FriendsOfSymfony/oauth2-php has released a minor update to fix a security issue.
Am I right to suggest this bundle should update its composer requirements for the oauth2-php bundle to version 1.3.0?
Thanks in advance!