| Titel | https://github.com/getmaxun https://github.com/getmaxun/maxun ≤ v0.0.28 Authentication Bypass Issues |
|---|
| Beschreibung | In versions of maxun prior to 0.0.29, the /auth/user/ interface contained an IODR vulnerability, allowing any legitimate user to bypass authentication by iterating through all user information, effectively granting administrator privileges. |
|---|
| Quelle | ⚠️ https://gist.github.com/H2u8s/1a0bdb19d5c8c8f4dc72cb49ffe9a22b |
|---|
| Benutzer | 28Hus (UID 92415) |
|---|
| Einreichung | 09.12.2025 15:26 (vor 6 Monaten) |
|---|
| Moderieren | 26.12.2025 19:11 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 338477 [getmaxun bis 0.0.28 Authentication Endpoint auth.ts router.get erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|