A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other groups. It is possible to launch the attack remotely but it might require authentication. A video explaining the attack has been disclosed to the public.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2022-05-17T05:15:12

Updated: 2024-08-03T00:16:59.968Z

Reserved: 2022-05-17T00:00:00

Link: CVE-2022-1753

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-17T06:15:06.807

Modified: 2024-11-21T06:41:23.597

Link: CVE-2022-1753

cve-icon Redhat

No data.