| |
Vulnerability CVE-2022-45169
Published: 2024-02-21
| Description: |
An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. This push notification can include an (invisible) clickable link. |
References: |
https://www.gruppotim.it/it/footer/red-team.html
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
