exploitDog

CVE-2023-50172

Опубликовано: 10 янв. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to the silent creation of a recovery pass code for any user.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1897

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wwbn:avideo:15fed957fb:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00169

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-640

Связанные уязвимости

GHSA-8m5f-2xvp-2c8w

CVSS3: 5.3

github

около 2 лет назад

WWBN AVideo recovery notification bypass vulnerability

EPSS

Процентиль: 38%

0.00169

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-640