CVE-2023-35154

Knowage is an open source analytics and business intelligence suite. Starting in version 6.0.0 and prior to version 8.1.8, an attacker can register and activate their account without having to click on the link included in the email, allowing them access to the application as a normal user. This issue has been patched in version 8.1.8.
Configurations

Configuration 1 (hide)

cpe:2.3:a:eng:knowage:*:*:*:*:*:*:*:*

History

03 Jul 2023, 18:47

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-23 21:15

Updated : 2024-02-04 23:37


NVD link : CVE-2023-35154

Mitre link : CVE-2023-35154

CVE.ORG link : CVE-2023-35154


JSON object : View

Products Affected

eng

  • knowage
CWE
CWE-287

Improper Authentication