EUVD-2023-58120
Malicious code in bioql PyPI...
CVE-2023-5838
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5840 Weak Password Recovery Mechanism for Forgotten Password in linkstackorg/linkstack
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5838 Insufficient Session Expiration in linkstackorg/linkstack
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9...
CVE-2023-5840
CVE-2023-5840 affects LinkStack prior to v4.2.9, describing a weak password recovery mechanism. The vulnerability enables password-reset-token leakage via Host header manipulation (password reset link hijacking) as demonstrated in public PoC contexts. The issue is confirmed across multiple source...
CVE-2023-5838
CVE-2023-5838 describes an issue in LinkStack before version 4.2.9 where sessions are not expired after a password change. The vulnerability affects the LinkStack repository on GitHub (linkstackorg/linkstack) and is caused by insufficient session expiration, leading to potential continued use of ...