CVE-2018-3783

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.
References
Link Resource
https://hackerone.com/reports/386807 Exploit Patch
Configurations

Configuration 1

cpe:2.3:a:flintcms:flintcms:*:*:*:*:*:node.js:*:*

Information

Published : 2018-08-17 01:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-3783

Mitre link : CVE-2018-3783

Products Affected
No products.
CWE