Lucene search
Veracode Vulnerability DatabaseVERACODE:33184HistoryDec 06, 2021 - 6:56 a.m.
Validation Bypass
2021-12-0606:56:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.001 Low
EPSS
Percentile
46.8%
github.com/nodebb/nodebb is vulnerable to validation bypass. A malicious user is able to gain master token access to the API due to incorrect token verification logic, resulting in unauthorized access to sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/nodebb/nodebb | le | v1.18.4 | |
| github.com/nodebb/nodebb | le | v1.18.4 |
Related
openvas
openvas
NodeBB 1.15.x - 1.18.4 Improper Authentication Vulnerability
2022-09-07 00:00:00
prion
prion
Code injection
2021-11-29 20:15:00
osv
osv
CVE-2021-43786
2021-11-29 20:15:08
API token verification can be bypassed in NodeBB
2021-11-30 22:21:05
cve
cve
CVE-2021-43786
2021-11-29 20:15:08
cvelist
cvelist
CVE-2021-43786 API token verification can be bypassed
2021-11-29 19:30:17
cnvd
cnvd
Nodebb licensing issue vulnerability
2021-12-01 00:00:00
nvd
nvd
CVE-2021-43786
2021-11-29 20:15:08
github
github
API token verification can be bypassed in NodeBB
2021-11-30 22:21:05
sonarsource
sonarsource
NodeBB 1.18.4 - Remote Code Execution With One Shot
2021-11-30 00:00:00