Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by debiki
CVE-2021-25981 (GCVE-0-2021-25981)
Vulnerability from cvelistv5 – Published: 2022-01-03 06:35 – Updated: 2024-08-03 20:19
VLAI?
Title
Talkyard - Insufficient Session Expiration
Summary
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)
Severity ?
9.8 (Critical)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "talkyard",
"vendor": "debiki",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "v0.2021.20",
"versionType": "custom"
},
{
"lessThanOrEqual": "v0.2021.34",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "WhiteSource Vulnerability Research Team (WVR)"
}
],
"descriptions": [
{
"lang": "en",
"value": "In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin\u2019s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T06:35:10.000Z",
"orgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"shortName": "Mend"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version v0.2021.35"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
},
"title": "Talkyard - Insufficient Session Expiration",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"ID": "CVE-2021-25981",
"STATE": "PUBLIC",
"TITLE": "Talkyard - Insufficient Session Expiration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "talkyard",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "v0.2021.20"
},
{
"version_affected": "\u003c=",
"version_value": "v0.2021.34"
}
]
}
}
]
},
"vendor_name": "debiki"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "WhiteSource Vulnerability Research Team (WVR)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin\u2019s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-613 Insufficient Session Expiration"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34",
"refsource": "MISC",
"url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
},
{
"name": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761",
"refsource": "MISC",
"url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
},
{
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981",
"refsource": "MISC",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to version v0.2021.35"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"assignerShortName": "Mend",
"cveId": "CVE-2021-25981",
"datePublished": "2022-01-03T06:35:10.000Z",
"dateReserved": "2021-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:19:19.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25980 (GCVE-0-2021-25980)
Vulnerability from cvelistv5 – Published: 2021-11-11 07:10 – Updated: 2025-04-30 15:46
VLAI?
Title
Talkyard - Host-Header Injection Leads to Account Takeover
Summary
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, an unauthenticated attacker can use the “forgot password” functionality to reset the victim’s password and successfully take over their account.
Severity ?
8.8 (High)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:18.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/debiki/talkyard/commit/4067e191a909ed06f250d09a40e43aa5edbb0289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25980"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-25980",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T15:29:27.390742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T15:46:56.474Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "talkyard",
"vendor": "debiki",
"versions": [
{
"lessThan": "v0*",
"status": "affected",
"version": "v0.04.01",
"versionType": "custom"
},
{
"lessThan": "v0.2020*",
"status": "affected",
"version": "v0.2020.22-WIP-b2e97fe0e",
"versionType": "custom"
},
{
"lessThanOrEqual": "v0.2021.02-WIP-879ef3fe1",
"status": "affected",
"version": "v0.2021",
"versionType": "custom"
},
{
"lessThan": "tyse-v0.2021*",
"status": "affected",
"version": "tyse-v0.2021.02-879ef3fe1-regular",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, an unauthenticated attacker can use the \u201cforgot password\u201d functionality to reset the victim\u2019s password and successfully take over their account."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-11T07:10:11.000Z",
"orgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"shortName": "Mend"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/debiki/talkyard/commit/4067e191a909ed06f250d09a40e43aa5edbb0289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25980"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to tyse-v0.2021.29-8cb7f73fe-regular or later"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
},
"title": "Talkyard - Host-Header Injection Leads to Account Takeover",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
"ID": "CVE-2021-25980",
"STATE": "PUBLIC",
"TITLE": "Talkyard - Host-Header Injection Leads to Account Takeover"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "talkyard",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "v0",
"version_value": "v0.04.01"
},
{
"version_affected": "\u003c=",
"version_name": "v0",
"version_value": "v0.6.74-WIP-63220cb +1"
},
{
"version_affected": "\u003e=",
"version_name": "v0.2020",
"version_value": "v0.2020.22-WIP-b2e97fe0e"
},
{
"version_affected": "\u003c=",
"version_name": "v0.2021",
"version_value": "v0.2021.02-WIP-879ef3fe1"
},
{
"version_affected": "\u003e=",
"version_name": "tyse-v0.2021",
"version_value": "tyse-v0.2021.02-879ef3fe1-regular"
},
{
"version_affected": "\u003c=",
"version_name": "tyse-v0.2021",
"version_value": "tyse-v0.2021.28-af66b6905-regular +1"
}
]
}
}
]
},
"vendor_name": "debiki"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, an unauthenticated attacker can use the \u201cforgot password\u201d functionality to reset the victim\u2019s password and successfully take over their account."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/debiki/talkyard/commit/4067e191a909ed06f250d09a40e43aa5edbb0289",
"refsource": "MISC",
"url": "https://github.com/debiki/talkyard/commit/4067e191a909ed06f250d09a40e43aa5edbb0289"
},
{
"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25980",
"refsource": "MISC",
"url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25980"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to tyse-v0.2021.29-8cb7f73fe-regular or later"
}
],
"source": {
"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
"assignerShortName": "Mend",
"cveId": "CVE-2021-25980",
"datePublished": "2021-11-11T07:10:11.000Z",
"dateReserved": "2021-01-22T00:00:00.000Z",
"dateUpdated": "2025-04-30T15:46:56.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}