rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. The fixed versions are 4.15.1, 4.16.1, and 4.17.1.
{
"unresolved_ranges": [
{
"source": "DESCRIPTION",
"extracted_events": [
{
"fixed": "4.17.1"
}
]
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/27xxx/CVE-2023-27891.json",
"cna_assigner": "mitre"
}{
"source": [
"CPE_RANGE",
"CPE_STRING"
],
"cpe": [
"cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*",
"cpe:2.3:a:rami:pretix:4.16.0:*:*:*:*:*:*:*",
"cpe:2.3:a:rami:pretix:4.17.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "1.16.0"
},
{
"fixed": "4.15.1"
},
{
"introduced": "4.16.0"
},
{
"last_affected": "4.16.0"
},
{
"introduced": "4.17.0"
},
{
"last_affected": "4.17.0"
}
]
}