Submeter #580256: open-event-server v1.19.1 Reliance on Obfuscation or Encryption of Security-Relevant Inputinformação

Títuloopen-event-server v1.19.1 Reliance on Obfuscation or Encryption of Security-Relevant Input
DescriçãoOpen event server has a token encryption-oracle, by leveraging which attackers can craft any email address' verification token, leading to email verification bypass.
Fonte⚠️ https://gist.github.com/superboy-zjc/31ecea91b304b8dd9871ad507467ca61
Utilizador
 Gavin Zhong (UID 84092)
Submissão18/05/2025 18h14 (há 11 meses)
Moderação29/05/2025 10h20 (11 days later)
EstadoAceite
Entrada VulDB310493 [fossasia open-event-server 1.19.1 Mail Verification mail.py send_email_change_user_email]
Pontos15

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!