5 matches found
CVE-2022-30355
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required...
CVE-2022-30355
creationtimestamp| type| source ---|---|--- 2024-10-25 18:45:29+00:00| seen| https://t.me/cvedetector/8956...
CVE-2022-30355
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required...
CVE-2022-30355
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required...
CVE-2022-30355
OvalEdge 5.2.8.0 and earlier are affected by an Account Takeover vulnerability. The issue allows exploitation via a POST to /profile/updateProfile using userId and email parameters, with authentication required. Multiple connected sources confirm the affected versions and the vulnerable endpoint....