Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2022/12/12 9:27 p.m.18 views

GHSA-JV85-MQXJ-3F9J Sentry vulnerable to invite code reuse via cookie manipulation

With a known valid invite link i.e. not already accepted or expired an unauthenticated attacker can manipulate the cookie to allow the same invite link to be reused on multiple accounts when joining an organization. Impact An attacker with a valid invite link can create multiple users and join th...

6.4CVSS5.2AI score0.00308EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2022/12/12 9:27 p.m.28 views

Sentry vulnerable to invite code reuse via cookie manipulation

With a known valid invite link i.e. not already accepted or expired an unauthenticated attacker can manipulate the cookie to allow the same invite link to be reused on multiple accounts when joining an organization. Impact An attacker with a valid invite link can create multiple users and join th...

6.4CVSS3.5AI score0.00308EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2022/12/10 12:40 a.m.12 views

CVE-2022-23485 Invite code reuse via cookie manipulation in sentry

Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...

6.4CVSS6.5AI score0.00308EPSS
Exploits0References1
Rows per page
Query Builder