CVE-2023-39691

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-39691
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-39691.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-39691
Withdrawn
2024-07-04T03:46:35.514792Z
Published
2024-01-16T22:15:37Z
Modified
2024-05-14T12:59:21.810776Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request.

References

Affected packages

Git / github.com/kalcaddle/kodbox

Affected ranges

Type
GIT
Repo
https://github.com/kalcaddle/kodbox
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

1.*

1.19
1.20
1.22.0807
1.25.1124
1.26.05
1.27.06
1.28.01
1.29.02
1.30.4
1.31.02.1
1.32.06
1.33.01
1.34.04
1.35.05
1.36.04
1.37.03
1.38.6.2
1.39.02
1.40.03
1.41.040
1.42.04
1.43.01.1