CVE-2023-46754

Published October 26th, 2023

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

The admin panel for Obl.ong before 1.1.2 allows authorization bypass because the email OTP feature accepts arbitrary numerical values.

Multi-tenant domain services built with Ruby on Rails, open source and forever free. Powering the obl.ong domain registry.

GitHub

24