AVG-1684 log
| Package | tt-rss |
| Status | Not affected |
| Severity | High |
| Type | authentication bypass |
| Affected | 2:r10198.6d8f2221b-2 |
| Fixed | 2:r10820.4e81233ac-1 |
| Current | 2:r12636.a3becdc77-1 [extra] |
| Ticket | None |
| Created | Sun Mar 14 08:21:15 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-28373 | High | Yes | Authentication bypass | The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 2021-03-12 allows an attacker to log in via the OTP code without a valid password. NOTE: this... |