Nodebb is an open source Node.js based forum software. In affected versions incorrect logic present in the token verification step unintentionally allowed master token access to the API. The vulnerability has been patch as of v1.18.5. Users are advised to upgrade as soon as possible.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-11-29T19:30:17
Updated: 2024-08-04T04:03:08.931Z
Reserved: 2021-11-16T00:00:00
Link: CVE-2021-43786
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-29T20:15:08.133
Modified: 2024-11-21T06:29:47.163
Link: CVE-2021-43786
Redhat
No data.