Lucene search
K

4 matches found

Circl
Circl
added 2024/02/21 5:22 p.m.5 views

CVE-2023-46241

creationtimestamp| type| source ---|---|--- 2024-02-21 17:22:04+00:00| seen| https://t.me/ctinow/189792 2024-02-21 17:31:25+00:00| seen| https://t.me/ctinow/189806 2025-02-06 02:44:21+00:00| seen| Telegram/nEXfu7nVFF0wvcsj87oSUAjqm-fASFKqZlNsbB2zLigsn...

9CVSS8.4AI score0.00798EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/21 4:8 p.m.19 views

CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...

9CVSS9.4AI score0.00798EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/21 4:8 p.m.12 views

CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...

9CVSS7AI score0.00798EPSS
Exploits0References3
CVE
CVE
added 2024/02/21 4:8 p.m.115 views

CVE-2023-46241

The CVE-2023-46241 entry concerns the discourse-microsoft-auth plugin for Discourse, which allows Microsoft-based authentication and can enable account takeovers when sites are configured to non-single-tenant accounts. The issue is linked to authentication handling within the plugin and has been ...

9CVSS9.3AI score0.00798EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder