ToolJet versions v0.5.0 to v1.2.2 are vulnerable to token leakage via Referer header that leads to account takeover . If the user opens the invite link/signup link and then clicks on any external links within the page, it leaks the password set token/signup token in the referer header. Using these tokens the attacker can access the user’s account.
References
Link | Resource |
---|---|
https://github.com/ToolJet/ToolJet/commit/eacbfc4c9da089ff9cda9edf8a1156390ae8a101 | Patch Third Party Advisory |
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23067 | Exploit Third Party Advisory |
Configurations
History
26 May 2022, 17:13
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:tooljet:tooljet:*:*:*:*:*:*:*:* | |
References | (CONFIRM) https://github.com/ToolJet/ToolJet/commit/eacbfc4c9da089ff9cda9edf8a1156390ae8a101 - Patch, Third Party Advisory | |
References | (MISC) https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23067 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 8.8 |
18 May 2022, 15:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-18 14:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-23067
Mitre link : CVE-2022-23067
CVE.ORG link : CVE-2022-23067
JSON object : View
Products Affected
tooljet
- tooljet
CWE