CVE-2023-1665 Brute Force on Twake App (Open Source Version of Microsoft Teams) < v2023.Q1.1223

CVSS: 7.8

Collaboration App, Twake (https://twake.app) before versions v2023.Q1.1223 does not restrict unauthenticated login attempts allowing for brute force attacks at the login page.

At the time of this report Twake has over 1 million Docker Pulls (source: https://github.com/linagora/Twake)

Submitted through platform huntr.dev

https://www.huntr.dev/bounties/db8fcbab-6ef0-44ba-b5c6-3b0f17ca22a2/

Vulnerability discovered and reported by Kevin Suckiel (@0xsu3ks) January, 2023.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2023-1665 Brute Force on Twake App (Open Source Version of Microsoft Teams) < v2023.Q1.1223

CVSS: 7.8

Submitted through platform huntr.dev

About

Releases

Packages

0xsu3ks/CVE-2023-1665

Folders and files

Latest commit

History

Repository files navigation

CVE-2023-1665 Brute Force on Twake App (Open Source Version of Microsoft Teams) < v2023.Q1.1223

CVSS: 7.8

Submitted through platform huntr.dev

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages