[MEDIUM] yiisoft/yii2-authclient's Oauth2 PKCE implementation is vulnerable

PKSA-wcwc-j6xh-hv2d CVE-2023-50714 GHSA-rw54-6826-c8j5

Affected package: yiisoft/yii2-authclient

Affected version: <2.2.15

Reported by:
GitHub