A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://hackerone.com/reports/386807 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: hackerone
Published: 2018-08-17T13:00:00
Updated: 2024-08-05T04:50:30.738Z
Reserved: 2017-12-28T00:00:00
Link: CVE-2018-3783

No data.

Status : Modified
Published: 2018-08-17T13:29:00.250
Modified: 2024-11-21T04:06:04.033
Link: CVE-2018-3783

No data.