Lucene search
GoogleOSV:CVE-2021-43786HistoryNov 29, 2021 - 8:15 p.m.
CVE-2021-43786
2021-11-2920:15:08
Google
osv.dev
4
0.001 Low
EPSS
Percentile
46.8%
Nodebb is an open source Node.js based forum software. In affected versions incorrect logic present in the token verification step unintentionally allowed master token access to the API. The vulnerability has been patch as of v1.18.5. Users are advised to upgrade as soon as possible.
Related
openvas
openvas
NodeBB 1.15.x - 1.18.4 Improper Authentication Vulnerability
2022-09-07 00:00:00
veracode
veracode
Validation Bypass
2021-12-06 06:56:00
github
github
API token verification can be bypassed in NodeBB
2021-11-30 22:21:05
osv
osv
API token verification can be bypassed in NodeBB
2021-11-30 22:21:05
prion
prion
Code injection
2021-11-29 20:15:00
cve
cve
CVE-2021-43786
2021-11-29 20:15:08
cvelist
cvelist
CVE-2021-43786 API token verification can be bypassed
2021-11-29 19:30:17
cnvd
cnvd
Nodebb licensing issue vulnerability
2021-12-01 00:00:00
nvd
nvd
CVE-2021-43786
2021-11-29 20:15:08
sonarsource
sonarsource
NodeBB 1.18.4 - Remote Code Execution With One Shot
2021-11-30 00:00:00