4 matches found
CVE-2024-37829
An issue in Outline = v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic sign-in link...
CVE-2024-37829
An issue in Outline = v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic sign-in link...
CVE-2024-37829
An issue in Outline = v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic sign-in link...
Email enumeration via sending a magic sign in link functionality
Description The sending a magic sign in link functionality is vulnerable to an email enumeration attack. Proof of Concept If you enter registered email, you will get Login Link Sent! message. If you enter non-registered email, you will get Unknown email address. message...