Severity: Medium

Project: lunary

Account Takeover via Invite Functionality Exploit

An attacker can abuse the invite functionality to obtain valid JWT tokens for newly registered users, allowing them to take over those users' accounts. This affects the latest commit on the main branch (a761d83) and has not yet been patched.

CVSS score: 6.5

CVSS:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Credit:

patrik-ha
Remediation Steps
  • Implement a check to ensure that the email in the authorization header matches the email in the token provided in the request body.
  • Invalidate the one-time use token when an invite is retracted.
  • Consider additional verification steps, such as matching organization IDs or user UUIDs, to ensure the legitimacy of password reset requests.
Patch Details
  • Fixed Version: N/A
  • Patch Commit: N/A