Headline
GHSA-2m5g-8xpw-42vp: OpenCFP Framework (Sentry) Account takeover via null password reset codes
OpenCFP, an open-source conference talk submission system written in PHP, contains a security vulnerability in its third-party authentication framework, Sentry, developed by Cartalyst. The vulnerability stems from how Sentry handles password reset checks. Users lacking a password reset token stored in the database default to having NULL in the reset_password_code column. Exploiting this flaw could allow unauthorized manipulation of any OpenCFP user’s password, particularly those without an unused password reset token. Although successful login still requires correlating the numeric user ID with an email address, the identification of likely organizers (users 1-5) may facilitate this process.
Skip to content
Navigation Menu
Actions
Automate any workflow
Packages
Host and manage packages
Security
Find and fix vulnerabilities
Codespaces
Instant dev environments
Copilot
Write better code with AI
Code review
Manage code changes
Issues
Plan and track work
Discussions
Collaborate outside of code
GitHub Sponsors
Fund open source developers
* The ReadME Project
GitHub community articles
- Pricing
Provide feedback
Saved searches****Use saved searches to filter your results more quickly
Sign up
- GitHub Advisory Database
- GitHub Reviewed
- GHSA-2m5g-8xpw-42vp
OpenCFP Framework (Sentry) Account takeover via null password reset codes
High severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database • Updated May 15, 2024
Package
composer cartalyst/sentry (Composer)
Affected versions
<= 2.1.6
Description
Published to the GitHub Advisory Database
May 15, 2024
Last updated
May 15, 2024