A newly disclosed vulnerability, CVE-2025-46647, has been identified in the openid-connect plugin of Apache APISIX, a widely used open-source API gateway. This flaw, rated as important, could allow attackers to gain unauthorized access across different identity issuers under specific misconfigurations. The vulnerability was reported by JunXu Chen to the Apache APISIX development mailing list on July 2, […]

The post Apache APISIX Vulnerability Enables Cross-Issuer Access Under Misconfigurations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/apache-apisix-vulnerability/