GHSA-qfv2-3p2f-vg48

Опубликовано: 02 фев. 2024

Источник: github

Github: Прошло ревью

Описание

Duplicate Advisory: Central Dogma Authentication Bypass Vulnerability via Session Leakage

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-34q3-p352-c7q8. This link is maintained to preserve external references.

Original Description

Central Dogma versions prior to 0.64.0 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2024-1143
https://github.com/line/centraldogma/commit/8edcf913b88101aff70008156b0881850e005783

Пакеты

Наименование

com.linecorp.centraldogma:centraldogma-server

maven

Затронутые версииВерсия исправления

< 0.64.0

0.64.0