6 matches found
CVE-2024-32003
wn-dusk-plugin Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...
CVE-2024-32003
wn-dusk-plugin Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...
CVE-2024-32003 Dusk plugin may allow unfettered user authentication in misconfigured installs
wn-dusk-plugin Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...
CVE-2024-32003 Dusk plugin may allow unfettered user authentication in misconfigured installs
wn-dusk-plugin Dusk plugin is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment such as headless Chrome to act as a user in the Backend or User plugin without having ...
CVE-2024-32003
The CVE-2024-32003 issue affects the wn-dusk-plugin (Winter CMS Dusk plugin), where a special route [[URL]]/_dusk/login/[[USER ID]]/[[MANAGER]] could allow unauthenticated access to user accounts if the Dusk plugin is publicly available and misconfigured. The attached connected documentation conf...
Dusk Plugin 安全漏洞
Dusk Plugin is a plugin that provides support for the Laravel Dusk testing paradigm. A security vulnerability exists in Dusk Plugin that originates from allowing routing to gain access to any user account...