Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1xZnYyLTNwMmYtdmc0OM4AA5A8

Duplicate Advisory: Central Dogma Authentication Bypass Vulnerability via Session Leakage

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-34q3-p352-c7q8. This link is maintained to preserve external references.

Original Description

Central Dogma versions prior to 0.64.0 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.

Permalink: https://github.com/advisories/GHSA-qfv2-3p2f-vg48
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xZnYyLTNwMmYtdmc0OM4AA5A8
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 28 days ago
Updated: 28 days ago

Widthdrawn: 28 days ago

Identifiers: GHSA-qfv2-3p2f-vg48
References:

Affected Packages

maven:com.linecorp.centraldogma:centraldogma-server
Versions: < 0.64.0
Fixed in: 0.64.0