Vulnerability: Page takeover (Dashboard 2.5.0)

Vulnerability allows users to takeover existing Uptime or Docs URLs by creating a page with the same path on a different product.

Affected versions: Dashboard 2.0.0-2.5.0

Patched in: 2.5.0

The dashboard and API are no longer vulnerable to this attack.

This exploit was discovered by our internal security team.

Confidentiality: None

Integrity: High

Availability: High

CVSS: 7.1/10

Example:

If user1 owns the path "layeredy" as an Uptime path, user2 could create a Docs project with the path "layeredy" and effectively take the "layeredy" path from user1.

While we're unaware of any abuse of this exploit: If you were affected by this please email [email protected]

If you discover a vulnerability in any of our systems, please report it to us. We offer bug bounties.
Learn how to report a vulnerability

CIA Triad or CVSS scores are not independently verified. We use https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator to calculate our CVSS score.

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C/CR:M/IR:M/AR:M/MAV:N/MAC:L/MPR:L/MUI:N/MS:U/MC:N/MI:H/MA:H