CVE-2026-12740 | Plack::Middleware::OAuth up to 0.10 OAuth 2.0 State RequestTokenV2/AccessTokenV2 state cross-site request forgery
A vulnerability was found in Plack::Middleware::OAuth up to 0.10. It has been classified as problematic. Affected is the function RequestTokenV2/AccessTokenV2 of the component OAuth 2.0 State Handler. Performing a manipulation of the argument state results in cross-site request forgery.
This vulnerability was named CVE-2026-12740. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More