Vulnerabilities > CVE-2022-45292 - Operation on a Resource after Expiration or Release vulnerability in Funkwhale 1.2.8

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
funkwhale
CWE-672
NVD
Published: 2022-12-09
Updated: 2022-12-13

Summary

User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.

Vulnerable Configurations

Part Description Count
Application
Funkwhale
1

Common Weakness Enumeration (CWE)

References