{ "schema_version": "1.4.0", "id": "GHSA-rf3g-v8p5-p675", "modified": "2022-12-05T23:06:14Z", "published": "2022-12-05T23:06:14Z", "aliases": [ "CVE-2022-46164" ], "summary": "NodeBB vulnerable to account takeover via prototype vulnerability", "details": "### Impact\nDue to a plain object with a prototype being used in socket.io message handling a specially crafted payload can be used to impersonate other users and takeover accounts.\n\n### Patches\nPatched in 2.6.1\n\n### Workarounds\nSite maintainers can cherry-pick https://github.com/NodeBB/NodeBB/commit/48d143921753914da45926cca6370a92ed0c46b8 into their codebase to patch the exploit.\n\n### For more information\nIf you have any questions or comments about this advisory:\n\nDiscuss it on [our community forum](https://github.com/NodeBB/NodeBB/security/advisories/community.nodebb.org/)\nEmail us at [support@nodebb.org](mailto:support@nodebb.org)\n", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" } ], "affected": [ { "package": { "ecosystem": "npm", "name": "nodebb" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.6.1" } ] } ] } ], "references": [ { "type": "WEB", "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-rf3g-v8p5-p675" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46164" }, { "type": "WEB", "url": "https://github.com/NodeBB/NodeBB/commit/48d143921753914da45926cca6370a92ed0c46b8" }, { "type": "PACKAGE", "url": "https://github.com/NodeBB/NodeBB" }, { "type": "WEB", "url": "https://github.com/NodeBB/NodeBB/releases/tag/v2.6.1" } ], "database_specific": { "cwe_ids": [ "CWE-665" ], "severity": "CRITICAL", "github_reviewed": true, "github_reviewed_at": "2022-12-05T23:06:14Z", "nvd_published_at": "2022-12-05T21:15:00Z" } }