CVE-2022-36076: 0-day NodeBB Account Takeover Vulnerability


If you are running an online discussion forum based on NodeBB software, make sure it has been updated to install a newly issued security patch that fixes two critical vulnerabilities.
Maintainers of the NodeBB project recently announced two security advisories to reveal information on the underlying security vulnerability, identified as CVE-2022-36076 and CVE-2022-36045.

Read more…