3 matches found
CVE-2022-34774 Tabit - Arbitrary account modification
Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover the mail can be used t...
CVE-2022-34774
The CVE-2022-34774 entry concerns Tabit software where an endpoint mapped by a tiny URL allows modification of a user’s personal details (e.g., email, phone) in a restaurant loyalty program. The underlying issue enables potential account takeover, since altering the email could enable password re...
CVE-2022-34774
Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover the mail can be used t...