CVE-2023-22320

CVE-2023-22320

Vendor Openam Consortium
Product OpenAM Web Policy Agent (OpenAM Consortium Edition)
Weakness CWE-22 · Path traversal
Published January 10, 2023
Last update April 7, 2025

CVSS base score

What the vulnerability does

01Description

OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.

Key dates

02Disclosure timeline

January 10, 2023 CVE published
April 7, 2025 Record updated