High severity8.8NVD Advisory· Published Sep 18, 2023· Updated Jun 17, 2026
CVE-2023-42328
CVE-2023-42328
Description
An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the hardcoded session cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PeppermintLabs/Peppermintdescription
- Range: <=0.2.4
Patches
Vulnerability mechanics
References
3- blockomat2100.github.io/posts/2023-09-04-damn-vulnerable-ticket-system/nvdExploitThird Party Advisory
- github.com/Peppermint-Lab/peppermint/blob/446a20b870bc68157eaafcb7275c289d76bfb29e/apps/client/pages/api/auth/%5B...nextauth%5D.jsnvdIssue Tracking
- peppermint.shnvdProduct
News mentions
0No linked articles in our index yet.