PT-2022-19740 · Linglong · Linglong
Published
2022-05-26
·
Updated
2023-08-08
·
CVE-2022-29633
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linglong version 1.0
Description
An access control issue allows attackers to access the background of the application via a crafted cookie.
Recommendations
For Linglong version 1.0, consider restricting access to sensitive areas of the application until a patch is available. As a temporary workaround, review and validate all cookie inputs to prevent crafted cookies from being used to bypass access controls.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linglong