You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourls
Critical severity
GitHub Reviewed
Published
Sep 22, 2019
in
YOURLS/YOURLS
•
Updated Jan 11, 2023
Type juggling vulnerability in the API
Impact
YOURLS through 1.7.3 is affected by a type juggling vulnerability in the API component that can result in login bypass.
Patches
https://github.com/YOURLS/YOURLS/releases/tag/1.7.4
YOURLS/YOURLS#2542
References
For more information
If you have any questions or comments about this advisory:
References