Skip to content

Type juggling vulnerability in the API

ozh published GHSA-vf23-f26f-mjj9 Sep 22, 2019

ozh published Sep 22, 2019

moderate severity
CVE-2019-14537 More information
Affected versions: =<1.7.3
Patched versions: 1.7.4


YOURLS through 1.7.3 is affected by a type juggling vulnerability in the API component that can result in login bypass.



For more information

If you have any questions or comments about this advisory:

You can’t perform that action at this time.