2 matches found
CVE-2023-46754
The admin panel for Obl.ong before 1.1.2 allows authorization bypass because the email OTP feature accepts arbitrary numerical values...
CVE-2023-46754
CVE-2023-46754 affects Obl.ong prior to 1.1.2. The issue is an authorization bypass in the admin panel caused by the email OTP feature accepting arbitrary numerical values. Affected component/file is the admin panel’s OTP handling; root cause is lax validation of OTP input, enabling bypass of acc...