Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-45522

Disclosure Date: September 02, 2024 (last updated September 06, 2024)
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0