GHSA-7qjx-gp9h-65qj: Dex: Token-exchange endpoint is missing AllowedConnectors enforcement
Summary
Dex's token-exchange endpoint does not check whether the requesting client is allowed to use the specified connector before issuing tokens, even though the other endpoints enforce this permission check. If a client's secret leaks, an attacker could exchange tokens through a high-trust connector (such as corporate authentication) that the client was never permitted to use, bypassing the restriction an administrator configured with AllowedConnectors.
Solution / Mitigation
Insert a call to `isConnectorAllowed(client.AllowedConnectors, connID)` between the existing validation checks in the `handleTokenExchange` function (after line 1842, where `GrantTypeAllowed` is called, and before tokens are issued at lines 1887/1889), rejecting the exchange when the check fails. This matches the enforcement pattern already used in the sibling handlers `handleConnectorLogin` (line 377) and `parseAuthorizationRequest` (line 535).
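The following is an added illustration of the check described above, not code from the Dex repository: the `Client` type, the "empty list means any connector" semantics of `isConnectorAllowed`, and the `authorizeTokenExchange` function that models the handler's validation order are all simplified assumptions.

```go
package main

import (
	"errors"
	"fmt"
)

// Client holds only the fields relevant here (simplified model, not Dex's own type).
type Client struct {
	ID                string
	AllowedConnectors []string
}

// isConnectorAllowed mirrors the enforcement used by the sibling handlers.
// Assumption: an empty AllowedConnectors list means the client may use any connector.
func isConnectorAllowed(allowedConnectors []string, connID string) bool {
	if len(allowedConnectors) == 0 {
		return true
	}
	for _, allowed := range allowedConnectors {
		if allowed == connID {
			return true
		}
	}
	return false
}

var ErrConnectorNotAllowed = errors.New("client is not allowed to use this connector")

// authorizeTokenExchange models handleTokenExchange's validation sequence:
// the grant-type check runs first, then the connector check that the advisory adds.
// A nil return means the handler may proceed to issue tokens.
func authorizeTokenExchange(c Client, grantAllowed bool, connID string) error {
	if !grantAllowed {
		return errors.New("grant type not allowed for client")
	}
	if !isConnectorAllowed(c.AllowedConnectors, connID) {
		return fmt.Errorf("%w: client=%s connector=%s", ErrConnectorNotAllowed, c.ID, connID)
	}
	return nil
}

func main() {
	// Constructed sample: a client restricted to the "github" connector.
	restricted := Client{ID: "ci-bot", AllowedConnectors: []string{"github"}}
	fmt.Println("github:", authorizeTokenExchange(restricted, true, "github"))
	fmt.Println("corporate-ldap:", authorizeTokenExchange(restricted, true, "corporate-ldap"))
}
```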
Classification
Affected Packages
Original source: https://github.com/advisories/GHSA-7qjx-gp9h-65qj
First tracked: June 9, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 95%