4 matches found
CVE-2024-28192
yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...
CVE-2024-28192 NoSQL Injection Leading to Authentication Bypass in your_spotify
yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...
CVE-2024-28192
The CVE-2024-28192 entry concerns YourSpotify, an open source self-hosted Spotify tracking dashboard. A NoSQL injection flaw exists in the public access token processing logic for versions before 1.8.0, allowing an attacker to fully bypass the public token authentication mechanism without user in...
CVE-2024-28192 NoSQL Injection Leading to Authentication Bypass in your_spotify
yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated befo...