Vulnerability CVE-2023-50172


Published: 2024-01-10

Description:
A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to silently create a recovery pass code for any user.

 References:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1897

Copyright 2026, cxsecurity.com

 

Back to Top