Back

CVE-2024-45522

Sept. 2, 2024, 12:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

UNKNOWN

Source

cve@mitre.org

Tags

cve@mitre.org
2024-09-02
CVE-2024-45522

CVE-2024-45522 details

Published : Sept. 2, 2024, 12:15 a.m.
Last Modified : Sept. 2, 2024, 12:15 a.m.

Description

Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/Linen-dev/linen.dev/commit/cd37c3e88ec29f4e7baae7e32fe80d0137848d10 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.