VYPR

Lif Auth Server

by Lif Platforms

Source repositories

CVEs (2)

  • CVE-2024-47768HigOct 4, 2024
    risk 0.00cvss 8.1epss 0.00

    Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. This vulnerability has to do with the account recovery system where there does not appear to be a check to make sure the user has been sent the recovery email and entered the correct…

  • CVE-2023-49801MedJan 12, 2024
    risk 0.00cvss 4.2epss 0.00

    Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. The issue relates to the `get_pfp` and `get_banner` routes on Auth Server. The issue is that there is no check to ensure that the file that Auth Server is receiving…