Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XenForo Passkey Security Bypass
Vulnerability Description
XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Xenforo 授权问题漏洞
Vulnerability Description
Xenforo是Xenforo公司的一个论坛软件。 XenForo 2.3.7之前版本存在授权问题漏洞,该漏洞源于影响已添加到用户账户的Passkeys,可能导致攻击者破坏基于Passkey的身份验证安全性。
CVSS Information
N/A
Vulnerability Type
N/A