
6 matches found

RedhatCVE
added 2025/05/23 7:41 a.m. · 2 views

CVE-2024-55470

Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...

CVSS 7.5 · AI score 6.7 · EPSS 0.00052
Exploits: 0 · References: 1
Github Security Blog
added 2024/12/20 6:31 p.m. · 12 views

Oqtane Framework Incorrect Access Control vulnerability

Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...

CVSS 7.5 · AI score 6.7 · EPSS 0.00052
Exploits: 0 · References: 4 · Affected Software: 2
NVD
added 2024/12/20 4:15 p.m. · 9 views

CVE-2024-55470

Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...

CVSS 7.5 · EPSS 0.00052
Exploits: 0 · References: 2
OSV
added 2024/12/20 4:15 p.m. · 1 views

CVE-2024-55470

Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...

CVSS 7.5 · AI score 5.8
Exploits: 0 · References: 2
Positive Technologies
added 2024/12/20 12:0 a.m. · 2 views

PT-2024-36525 · Unknown · Oqtane Framework

Name of the Vulnerable Software and Affected Versions: Oqtane Framework version 6.0.0
Description: The issue concerns Incorrect Access Control, allowing attackers to bypass passcode validation by manipulating the entityid parameter. This enables them to log into the application or access restrict...

CVSS 7.5 · AI score 7.3 · EPSS 0.00052
Exploits: 0 · References: 10
CVE
added 2024/12/20 12:0 a.m. · 45 views

CVE-2024-55470

Oqtane Framework 6.0.0 is affected by Incorrect Access Control. The vulnerability arises from insufficient server-side validation of the entityid parameter, allowing an attacker to bypass passcode validation and log in or access restricted data. The root cause is reliance on client-side authentic...

CVSS 7.5 · AI score 6.8 · EPSS 0.00052
Exploits: 0 · References: 2