2 matches found
CVE-2019-16281
Ptarmigan before 0.2.3 lacks API token validation, e.g., an "if token === apiToken return true; return false;" code block...
CVE-2019-16281
Ptarmigan prior to 0.2.3 is vulnerable because it lacks API token validation (example: if (token === apiToken) {return true;} return false;). Multiple connected sources confirm the issue and reference version 0.2.3 as the fix. The practical impact described is an auth-bypass risk due to missing t...