Publish GHSA-675q-66gf-gqg8

advisory-database[bot] · advisory-database[bot] · commit 1e5b821e306e · 2025-11-25T22:57:31.000Z
diff --git a/advisories/github-reviewed/2025/11/GHSA-675q-66gf-gqg8/GHSA-675q-66gf-gqg8.json b/advisories/github-reviewed/2025/11/GHSA-675q-66gf-gqg8/GHSA-675q-66gf-gqg8.json
@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-675q-66gf-gqg8",
+  "modified": "2025-11-25T22:55:50Z",
+  "published": "2025-11-25T22:55:50Z",
+  "aliases": [],
+  "summary": "OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation ",
+  "details": "### Summary\n\nDuring the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying this parameter value from false to true, a user is able to gain access to the admin dashboard interface.  However, despite accessing the admin panel, the user does not have sufficient permissions to view or interact with actual data. \n\n\n### PoC\nIntercept the login response and change \"isMasterAdmin\": false → \"isMasterAdmin\": true \n<img width=\"1405\" height=\"567\" alt=\"image\" src=\"https://github.com/user-attachments/assets/7036398b-bb41-46c1-b66a-e49ec2bc3abb\" />\n<img width=\"1533\" height=\"476\" alt=\"2\" src=\"https://github.com/user-attachments/assets/4efcaef5-a939-4729-be43-3af62a7d02f8\" />\n\n\n### Impact\nThe admin dashboard is viewable.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@oneuptime/common"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "8.0.5567"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-675q-66gf-gqg8"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/OneUptime/oneuptime/commit/3e72b2a9a4f50f98cf1f6cf13fa3e405715bb370"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/OneUptime/oneuptime"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-284",
+      "CWE-863"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-11-25T22:55:50Z",
+    "nvd_published_at": null
+  }
+}
