A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other groups. It is possible to launch the attack remotely but it might require authentication. A video explaining the attack has been disclosed to the public.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2022-05-17T05:15:12
Updated: 2024-08-03T00:16:59.968Z
Reserved: 2022-05-17T00:00:00
Link: CVE-2022-1753
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-17T06:15:06.807
Modified: 2024-11-21T06:41:23.597
Link: CVE-2022-1753
Redhat
No data.