Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover (the mail can be used to reset password).
References
Link | Resource |
---|---|
https://www.gov.il/en/departments/faq/cve_advisories | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2022-08-22 15:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-34774
Mitre link : CVE-2022-34774
CVE.ORG link : CVE-2022-34774
JSON object : View
Products Affected
tabit
- tabit
CWE