5 matches found
CVE-2022-24189
The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...
CVE-2022-24189
creationtimestamp| type| source ---|---|--- 2022-11-29 00:28:28+00:00| seen| https://t.me/cibsecurity/53612...
CVE-2022-24189
The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...
CVE-2022-24189
The usertoken authorization header on the Ourphoto App version 1.4.1 /apiv1/ end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other use...
CVE-2022-24189
CVE-2022-24189 affects the Ourphoto App v1.4.1, where the user_token authorization header on /apiv1/* endpoints is not implemented correctly. Removing the header value causes all requests to succeed, bypassing authorization and session management, enabling an attacker to make POST API calls using...