2 matches found
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the entityid parameter in the /api/Setting endpoint, due to insufficient server-side validation of authentication and authorization. Remediation Upgrade Oqtane.Server to version 6.0.1 or higher. References - GitHu...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the entityid parameter in the /api/Setting endpoint, due to insufficient server-side validation of authentication and authorization. Remediation Upgrade Oqtane.Framework to version 6.0.1 or higher. References -...