Lucene search
GoCVELIST:CVE-2023-45292HistoryDec 11, 2023 - 9:51 p.m.
CVE-2023-45292 Captcha verification bypass in github.com/mojocn/base64Captcha
2023-12-1121:51:16
Go
www.cve.org
1
cve-2023-45292
github
captcha
verification
bypass
0.001 Low
EPSS
Percentile
20.6%
When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be correct.
CNA Affected
[
{
"vendor": "github.com/mojocn/base64Captcha",
"product": "github.com/mojocn/base64Captcha",
"collectionURL": "https://pkg.go.dev",
"packageName": "github.com/mojocn/base64Captcha",
"versions": [
{
"version": "0",
"lessThan": "1.3.6",
"status": "affected",
"versionType": "semver"
}
],
"programRoutines": [
{
"name": "memoryStore.Verify"
}
],
"defaultStatus": "unaffected"
}
]Related
github
github
Always incorrect control flow in github.com/mojocn/base64Captcha
2023-12-12 00:30:17
cve
cve
CVE-2023-45292
2023-12-11 22:15:06
CVE-2023-50119
2023-12-21 15:15:10
osv
osv
Captcha verification bypass in github.com/mojocn/base64Captcha
2023-12-08 20:11:50
CVE-2023-45292
2023-12-11 22:15:06
Always incorrect control flow in github.com/mojocn/base64Captcha
2023-12-12 00:30:17
prion
prion
Default configuration
2023-12-11 22:15:00
Design/Logic Flaw
2023-12-21 15:15:00
veracode
veracode
Captcha Verification Bypass
2023-12-12 05:57:24
nvd
nvd
CVE-2023-45292
2023-12-11 22:15:06
CVE-2023-50119
2023-12-21 15:15:10