漏洞标题
Talkyard - 主机头注入导致账户接管
漏洞描述信息
Talkyard - 主机头注入导致账户接管
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Talkyard - Host-Header Injection Leads to Account Takeover
漏洞描述信息
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, an unauthenticated attacker can use the “forgot password” functionality to reset the victim’s password and successfully take over their account.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
输出中的特殊元素转义处理不恰当(注入)
漏洞标题
Talkyard 注入漏洞
漏洞描述信息
Talkyard是开源的一个结构化的讨论平台,汇集了 StackOverflow、Slack、Discourse、Reddit/HackerNews 和 Disqus 博客评论的主要功能。 Talkyard 存在安全漏洞,未经身份验证的攻击者可以使用forgot password功能重置受害者的密码并成功接管他们的帐户。以下产品及版本受到影响:Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e
CVSS信息
N/A
漏洞类别
注入