Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-8M5F-2XVP-2C8W
HistoryJan 10, 2024 - 6:30 p.m.

WWBN AVideo recovery notification bypass vulnerability

2024-01-1018:30:28
Google
osv.dev
11
vulnerability
recovery notification
bypass
userrecoverpass.php
http request
recovery pass code
wwbn avideo

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%

JSON

A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to silently create a recovery pass code for any user.

Related

prion 1
cvelist 1
veracode 1
nvd 1
talos 1
github 1
cve 1
talosblog 1
prion
prion
Design/Logic Flaw
2024-01-10 16:15:00
cvelist
cvelist
CVE-2023-50172
2024-01-10 15:48:08
veracode
veracode
Recovery Notification Bypass
2024-01-15 06:30:55
nvd
nvd
CVE-2023-50172
2024-01-10 16:15:49
talos
talos
WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability
2024-01-10 00:00:00
github
github
WWBN AVideo recovery notification bypass vulnerability
2024-01-10 18:30:28
cve
cve
CVE-2023-50172
2024-01-10 16:15:49
talosblog
talosblog
Critical vulnerability in ManageEngine could lead to file creation, dozens of other vulnerabilities disclosed by Talos to start 2024
2024-01-17 17:00:00

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

7

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for OSV:GHSA-8M5F-2XVP-2C8W
prion1cvelist1veracode1nvd1talos1github1cve1talosblog1