Security Advisory

CVE-2023-52268

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-12 00:00:00

Last updated 2024-11-19 16:51:30

Assigner mitre

State PUBLISHED

Description

The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module is not part of freescout-helpdesk/freescout on GitHub.

← Browse all CVEs View on cve.org ↗