Enviar #421516: didi DDMQ 1.0 Authorization Bypassinformación

Título	didi DDMQ 1.0 Authorization Bypass
Descripción	In DDMQ console module through all the versions, a specially crafted request may cause an authentication bypass. Attackers can add “/;login” at the tail of authorization-required urls to bypass the authentication and retrieve sensitive information.
Fuente	⚠️ https://github.com/didi/DDMQ/issues/37
Usuario	gaogaostone (UID 53740)
Sumisión	2024-10-10 09:32 (hace 2 años)
Moderación	2024-10-18 21:54 (9 days later)
Estado	Aceptado
Entrada de VulDB	280957 [didi DDMQ 1.0 Console autenticación débil]
Puntos	17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!