Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. This push notification can include an (invisible) clickable link.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LIVEBOX Collaboration vDesk 安全漏洞
Vulnerability Description
LIVEBOX Collaboration vDesk是LIVEBOX公司的一个应用程序。 LIVEBOX Collaboration vDesk v031及之前版本存在安全漏洞,该漏洞源于通过/api/v1/notification/createnotification 端点会导致重定向,允许经过身份验证的用户向系统的其他用户发送任意推送通知。
CVSS Information
N/A
Vulnerability Type
N/A