4 matches found
CVE-2026-30959 OneUptime has WhatsApp Resend Verification Authorization Bypass
OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. This affects the...
CVE-2026-30959 OneUptime has WhatsApp Resend Verification Authorization Bypass
OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. This affects the...
OneUptime has WhatsApp Resend Verification Authorization Bypass
Description The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. Affected Source - Endpoint: UserWhatsAppAPI.ts - Service: UserWhatsAppService.ts - Verify...
GHSA-CW6X-MW64-Q6PV OneUptime has WhatsApp Resend Verification Authorization Bypass
Description The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. Affected Source - Endpoint: UserWhatsAppAPI.ts - Service: UserWhatsAppService.ts - Verify...