CVE-2024-35451
CVE-2024-35451 affects LinkStack versions 2.7.9–4.7.7. A server-side request forgery vulnerability exists in resources/views/components/favicon.blade.php, enabling SSRF via a crafted link. Documented impact includes risk of local network access; no exploit details are provided in the sources. Rem...
CVE-2023-5840
CVE-2023-5840 affects LinkStack prior to v4.2.9, describing a weak password recovery mechanism. The vulnerability enables password-reset-token leakage via Host header manipulation (password reset link hijacking) as demonstrated in public PoC contexts. The issue is confirmed across multiple source...
CVE-2023-5838
CVE-2023-5838 describes an issue in LinkStack before version 4.2.9 where sessions are not expired after a password change. The vulnerability affects the LinkStack repository on GitHub (linkstackorg/linkstack) and is caused by insufficient session expiration, leading to potential continued use of ...