daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add incorrect CVE note

patch-1
sullo 2023-03-17 10:06:27 -04:00
parent edf213bdea
commit 463fe078c2
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2023/CVE-2023-23492.yaml
View File

@ -6,6 +6,8 @@ info:
severity: medium
description: |
Login with Phone Number, versions < 1.4.2, is affected by an reflected XSS vulnerability in the login-with-phonenumber.php' file in the 'lwp_forgot_password()' function.
Note that CVE-2023-23492 incorrectly describes and scores this as SQL injection vulnerability.
reference:
- https://wordpress.org/plugins/login-with-phone-number/
- https://www.tenable.com/security/research/tra-2023-3