Tooljet: >> Tooljet >> 1.23.0 Security Vulnerabilities
Unrestricted file size limit can lead to DoS in tooljet/tooljet <1.27 by allowing a logged in attacker to upload profile pictures over 2MB.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-11-22
Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Account Takeover :: when see the info i can see the forgot_password_token the hacker can send the request and changed the pass
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-09-28