Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.10 views

CVE-2022-39231

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.16, or from 5.0.0 to 5.2.6, validation of the authentication adapter app ID for Facebook and Spotify may be circumvented. Configurations which allow users to...

3.7CVSS6.8AI score0.00439EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/23 7:40 a.m.18 views

CVE-2022-39231 Parse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.16, or from 5.0.0 to 5.2.6, validation of the authentication adapter app ID for Facebook and Spotify may be circumvented. Configurations which allow users to...

3.7CVSS4.4AI score0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/23 7:40 a.m.10 views

CVE-2022-39231 Parse Server subject to Improper Authentication allowing Auth adapter app ID validation to be circumvented

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 4.10.16, or from 5.0.0 to 5.2.6, validation of the authentication adapter app ID for Facebook and Spotify may be circumvented. Configurations which allow users to...

3.7CVSS4.1AI score0.00439EPSS
Exploits0References1
CVE
CVE
added 2022/09/23 7:40 a.m.66 views

CVE-2022-39231

Parse Server vulnerable versions prior to 4.10.16 and 5.0.0–5.2.6 expose an authentication bypass flaw in the Facebook/Spotify adapters where appIds configured as a string (instead of an array) can let requests from a different app ID slip through. The root cause is improper validation of the ada...

3.7CVSS3.9AI score0.00439EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder