357 matches found

Positive Technologies
added 2024/03/28 12:0 a.m. · 2 views

PT-2024-22857 · Nodebb · Nodebb

Name of the Vulnerable Software and Affected Versions: NodeBB version 3.6.7 Description: The issue allows a low-privileged attacker to access restricted tabs for the Admin group by setting isadmin to true. This is a case of Incorrect Access Control, where an attacker can access areas of the syste...

CVSS 6.3 · AI score 6.9 · EPSS 0.00091
Exploits: 0 · References: 11
Vulnrichment
added 2024/03/28 12:0 a.m. · 8 views

CVE-2024-29316

NodeBB 3.6.7 is vulnerable to Incorrect Access Control, e.g., a low-privileged attacker can access the restricted tabs for the Admin group via "isadmin":true...

AI score 6.9 · EPSS 0.00091
Exploits: 0 · References: 2
CVE
added 2024/03/28 12:0 a.m. · 55 views

CVE-2024-29316

CVE-2024-29316 involves NodeBB 3.6.7 with an Incorrect Access Control vulnerability. A low-privilege attacker can access restricted Admin tabs by setting a parameter (e.g., isadmin: true), as described in multiple connected documents. The root cause is insufficient access control checks that perm...

CVSS 6.3 · AI score 6.8 · EPSS 0.00091
Exploits: 0 · References: 2 · Affected Software: 1
Exploit DB
added 2024/03/28 12:0 a.m. · 327 views

Broken Access Control - on NodeBB v3.6.7

Exploit Title: Broken Access Control - on NodeBB v3.6.7 Date: 22/2/2024 Exploit Author: Vibhor Sharma Vendor Homepage: https://nodebb.org/ Version: 3.6.7 Description: I identified a broken access control vulnerability in nodeBB v3.6.7, enabling attackers to access restricted information intended...

AI score 7.4
Exploits: 0
Cvelist
added 2024/03/28 12:0 a.m. · 11 views

CVE-2024-29316

NodeBB 3.6.7 is vulnerable to Incorrect Access Control, e.g., a low-privileged attacker can access the restricted tabs for the Admin group via "isadmin":true...

AI score 6.7 · EPSS 0.00091
Exploits: 0 · References: 2
CNNVD
added 2024/03/28 12:0 a.m. · 2 views

NodeBB Security Vulnerability

NodeBB is a forum system from the Design Create Play team built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. A security vulnerability exists in NodeBB version 3.6.7, which stems from incorrect access control...

CVSS 6.3 · AI score 6.5 · EPSS 0.00091
Exploits: 0 · References: 3
Packet Storm
added 2024/03/28 12:0 a.m. · 252 views

NodeBB 3.6.7 Broken Access Control

Exploit Title: Broken Access Control - on NodeBB v3.6.7 Date: 22/2/2024 Exploit Author: Vibhor Sharma Vendor Homepage: https://nodebb.org/ Version: 3.6.7 Description: I identified a broken access control vulnerability in nodeBB v3.6.7, enabling attackers to access restricted information intended...

AI score 7.4
Exploits: 0
Broadcom
added 2023/12/18 12:0 a.m. · 6 views

Path traversal and code execution via prototype vulnerability in NodeBB (CVE-2023-26045)

NodeBB is Node.js based forum software. Starting in version 2.5.0 and prior to version 2.8.7, due to the use of the object destructuring assignment syntax in the user export code path, combined with a path traversal vulnerability, a specially crafted payload could invoke the user export logic to...

CVSS 10 · AI score 6.8 · EPSS 0.00508
Exploits: 0
Veracode
added 2023/10/03 5:59 a.m. · 24 views

Denial Of Service (DoS)

nodebb is vulnerable to Denial Of Service. The vulnerability is due to the onMessage function in index.js as there is no validation when passing messages to the eventName.startsWith or eventName.toString methods, which can result in an application crash when the message contains an array or objec...

CVSS 7.5 · AI score 6.8 · EPSS 0.01828
Exploits: 0 · References: 4 · Affected Software: 1
OSV
added 2023/09/29 6:15 a.m. · 16 views

CVE-2023-30591

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively...

CVSS 7.5 · AI score 7.2
Exploits: 0 · References: 4
NVD
added 2023/09/29 6:15 a.m. · 9 views

CVE-2023-30591

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively...

CVSS 7.5 · AI score 7.5 · EPSS 0.01828
Exploits: 0 · References: 4
Prion
added 2023/09/29 6:15 a.m. · 17 views

Design/Logic Flaw

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively...

CVSS 5 · AI score 7.5 · EPSS 0.01828
Exploits: 0 · References: 4 · Affected Software: 1
Cvelist
added 2023/09/29 5:6 a.m. · 12 views

CVE-2023-30591 NodeBB Pre-Authentication Denial-of-Service

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively...

CVSS 7.5 · AI score 7.7 · EPSS 0.01828
Exploits: 0 · References: 4
CVE
added 2023/09/29 5:6 a.m. · 49 views

CVE-2023-30591

NodeBB pre-2.8.11 is affected by a Denial-of-Service flaw in how Socket.IO messages are processed. The issue arises when eventName is an array or object and the code calls eventName.startsWith() or eventName.toString() without sufficient validation, causing crashes. Affected software: NodeBB 2.8...

CVSS 7.5 · AI score 7.5 · EPSS 0.01828
Exploits: 0 · References: 4 · Affected Software: 1
Vulnrichment
added 2023/09/29 5:6 a.m. · 24 views

CVE-2023-30591 NodeBB Pre-Authentication Denial-of-Service

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively...

CVSS 7.5 · AI score 6.9 · EPSS 0.01828
Exploits: 0 · References: 4
CNNVD
added 2023/09/29 12:0 a.m. · 2 views

NodeBB Code Issues Vulnerabilities

NodeBB is a forum system from the Design Create Play team built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. A code issue vulnerability exists in NodeBB v2.8.10 and earlier versions. An attacker exploited the vulnerability to cause the system to crash...

CVSS 7.5 · AI score 6.9 · EPSS 0.01828
Exploits: 0 · References: 5
Positive Technologies
added 2023/09/28 12:0 a.m. · 2 views

PT-2023-22800 · Nodebb · Nodebb

Name of the Vulnerable Software and Affected Versions: NodeBB versions <= 2.8.10 Description: The issue allows unauthenticated attackers to trigger a crash in NodeBB when invoking eventName.startsWith or eventName.toString, while processing Socket.IO messages via crafted Socket.IO messages...

CVSS 7.5 · AI score 7.4 · EPSS 0.01828
Exploits: 0 · References: 10
OpenVAS
added 2023/09/28 12:0 a.m. · 15 views

NodeBB 2.5.x < 2.8.7 Path Traversal Vulnerability

NodeBB is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb"; ifdescription...

CVSS 10 · AI score 9.5 · EPSS 0.00508
Exploits: 0 · References: 1
OpenVAS
added 2023/09/28 12:0 a.m. · 15 views

NodeBB 2.x < 2.8.13, 3.x < 3.1.3 Information Disclosure Vulnerability

NodeBB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb";...

CVSS 4.7 · AI score 4.5 · EPSS 0.00169
Exploits: 0 · References: 1
OpenVAS
added 2023/09/28 12:0 a.m. · 12 views

NodeBB < 2.6.1 Account Takeover Vulnerability

NodeBB is prone to an account takeover vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb"; ifdescripti...

CVSS 9.8 · AI score 9.6 · EPSS 0.56836
Exploits: 0 · References: 1