CVE-2022-25262 - JetBrains Hub single-click SAML response takeover
PoC + vulnerability details for CVE-2022-25262 | JetBrains Hub single-click SAML response takeover.
The weakness consists of 2 parts:
- Use of the OAuth2 authorization code pool for the “OAuth2 -> SAML” exchange process.
- Authorization code takeover using the YouTrack Konnector integration.