cve/CVE-2024-27092.md at a8969e132322a214e7b78da5711159d6f891f0ab

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label (Edit Team) - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload (external link) is presented in clickable form - easier to achieve own goals by malicious actors. This issue is fixed in 2023.12.6.

POC

Reference

https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-8r6h-8r68-q3pp

Github

https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/mbiesiad/security-hall-of-fame-mb

1.1 KiB Raw Blame History

CVE-2024-27092

Description

POC

Reference

Github

1.1 KiB

Raw Blame History