CVE-2023-46754
CVE-2023-46754 affects Obl.ong prior to 1.1.2. The issue is an authorization bypass in the admin panel caused by the email OTP feature accepting arbitrary numerical values. Affected component/file is the admin panel’s OTP handling; root cause is lax validation of OTP input, enabling bypass of acc...