Submit #710268: https://github.com/getmaxun https://github.com/getmaxun/maxun ≤ v0.0.28 Authentication Bypass Issuesinfo

Titlehttps://github.com/getmaxun https://github.com/getmaxun/maxun ≤ v0.0.28 Authentication Bypass Issues
DescriptionIn versions of maxun prior to 0.0.29, the /auth/user/ interface contained an IODR vulnerability, allowing any legitimate user to bypass authentication by iterating through all user information, effectively granting administrator privileges.
Source⚠️ https://gist.github.com/H2u8s/1a0bdb19d5c8c8f4dc72cb49ffe9a22b
User
 28Hus (UID 92415)
Submission12/09/2025 15:26 (6 months ago)
Moderation12/26/2025 19:11 (17 days later)
StatusAccepted
VulDB entry338477 [getmaxun up to 0.0.28 Authentication Endpoint auth.ts router.get improper authorization]
Points16

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!