Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Sep 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-Other |
Tue, 03 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linen
Linen linen |
|
Weaknesses | CWE-284 | |
CPEs | cpe:2.3:a:linen:linen:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linen
Linen linen |
|
Metrics |
cvssV3_1
|
Sun, 01 Sep 2024 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-01T00:00:00
Updated: 2024-09-03T14:58:51.950Z
Reserved: 2024-09-01T00:00:00
Link: CVE-2024-45522
Vulnrichment
Updated: 2024-09-03T14:58:44.912Z
NVD
Status : Analyzed
Published: 2024-09-02T00:15:11.830
Modified: 2024-09-05T14:29:32.737
Link: CVE-2024-45522
Redhat
No data.