CVE-2022-3019
Published
CVSS v3
8.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that we can see (bruteforcing comment id's might also be an option but I wouldn't count on it, since it would take a long time to find a valid one).
ToolJet is the open-source foundation of ToolJet AI - the enterprise app generation platform for building internal tools, dashboard, business applications, workflows and AI agents 🚀
GitHub