Last Modified: Oct 17, 2023
Known Affected Versions:
17.1.0, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206
Opened: Oct 17, 2022 Severity: 3-Major
In muti-domain Single Sign-On (SSO) or SAML Auth, the location header query string separator is converted from "?" to "%3F" or / to "%2F"
MultiDomain Auth or SAML Auth will fail
- Create an access policy with a redirect to login page.
A function that was used to normalize URLs was corrected.