4 matches found
CVE-2025-12546
A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an unknown part of the component API Key creation UI. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized...
CVE-2025-61928
Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the api/auth/api-key/create route. session?.user ?? authRequired ? null : i...
CVE-2025-61928
Better Auth is an authentication and authorization library for TypeScript. In versions prior to 1.3.26, unauthenticated attackers can create or modify API keys for any user by passing that user's id in the request body to the api/auth/api-key/create route. session?.user ?? authRequired ? null : i...
PT-2023-20659 · Cerebrate · Cerebrate
Name of the Vulnerable Software and Affected Versions: Cerebrate version 1.12 Description: The issue arises from the improper consideration of organisation id during the creation of API keys. This could potentially lead to unauthorized access or misuse of API keys. Recommendations: For Cerebrate...