Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OneUptime has WhatsApp Resend Verification Authorization Bypass
Vulnerability Description
OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated (unlike the verify endpoint). This affects the UserWhatsAppAPI.ts endpoint and the UserWhatsAppService.ts service.
CVSS Information
N/A
Vulnerability Type
授权机制不恰当
Vulnerability Title
OneUptime 安全漏洞
Vulnerability Description
OneUptime是OneUptime开源的一个全面的解决方案。用于监控和管理您的在线服务。 OneUptime存在安全漏洞,该漏洞源于resend-verification-code端点所有权验证不足,可能导致验证码被恶意重发。
CVSS Information
N/A
Vulnerability Type
N/A