exploitDog

GHSA-jm8f-qrph-485q

Опубликовано: 25 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

Ссылки

EPSS

Процентиль: 4%

0.00018

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2023-2883

CVSS3: 8.8

nvd

больше 2 лет назад

Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

EPSS

Процентиль: 4%

0.00018

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-639