Products
UNKNOWN
Source
cve@mitre.org
Tags
CVE-2024-45522 details
Published : Sept. 2, 2024, 12:15 a.m.
Last Modified : Sept. 2, 2024, 12:15 a.m.
Last Modified : Sept. 2, 2024, 12:15 a.m.
Description
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://github.com/Linen-dev/linen.dev/commit/cd37c3e88ec29f4e7baae7e32fe80d0137848d10 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.