CVE-2022-45169— LIVEBOX Collaboration vDesk 安全漏洞

N/A

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. This push notification can include an (invisible) clickable link.

N/A

N/A

LIVEBOX Collaboration vDesk 安全漏洞

LIVEBOX Collaboration vDesk是LIVEBOX公司的一个应用程序。 LIVEBOX Collaboration vDesk v031及之前版本存在安全漏洞，该漏洞源于通过/api/v1/notification/createnotification 端点会导致重定向，允许经过身份验证的用户向系统的其他用户发送任意推送通知。

N/A

N/A