Duplicate Advisory: Central Dogma Authentication Bypass Vulnerability via Session Leakage

Moderate severity GitHub Reviewed Published Feb 2, 2024 to the GitHub Advisory Database • Updated Feb 2, 2024
Withdrawn This advisory was withdrawn on Feb 2, 2024

Package

com.linecorp.centraldogma:centraldogma-server (Maven)

Affected versions

< 0.64.0

Patched versions

0.64.0

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-34q3-p352-c7q8. This link is maintained to preserve external references.

Original Description

Central Dogma versions prior to 0.64.0 are vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.

References

Published by the National Vulnerability Database Feb 2, 2024
Published to the GitHub Advisory Database Feb 2, 2024
Reviewed Feb 2, 2024
Withdrawn Feb 2, 2024
Last updated Feb 2, 2024

Severity

Moderate

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-qfv2-3p2f-vg48

Source code

No known source code