rami.io pretix before 4.17.1 allows OAuth application authorization from a logged-out session. The fixed versions are 4.15.1, 4.16.1, and 4.17.1.
References
Link | Resource |
---|---|
https://pretix.eu/about/en/blog/20230306-release-4171/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Mar 2023, 17:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:rami:pretix:4.17.0:*:*:*:*:*:*:* cpe:2.3:a:rami:pretix:4.16.0:*:*:*:*:*:*:* cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:* |
|
First Time |
Rami pretix
Rami |
|
References | (MISC) https://pretix.eu/about/en/blog/20230306-release-4171/ - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-613 |
06 Mar 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-06 23:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-27891
Mitre link : CVE-2023-27891
CVE.ORG link : CVE-2023-27891
JSON object : View
Products Affected
rami
- pretix
CWE
CWE-613
Insufficient Session Expiration