Shiori
Monthly
Vertical privilege escalation in Shiori (go-shiori), the self-hosted Go bookmark manager, lets any authenticated low-privilege user promote themselves to administrator. By sending a crafted PATCH request to the /api/v1/auth/account update endpoint with owner: true - a field that lacked an authorization check - the user flips their own owner flag, then re-authenticates to receive an admin JWT granting full system access. Disclosed by VulnCheck with a vendor fix committed upstream; no public exploit identified at time of analysis and it is not listed in CISA KEV.
A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass authentication via a brute force attack. [CVSS 6.5 MEDIUM]
Vertical privilege escalation in Shiori (go-shiori), the self-hosted Go bookmark manager, lets any authenticated low-privilege user promote themselves to administrator. By sending a crafted PATCH request to the /api/v1/auth/account update endpoint with owner: true - a field that lacked an authorization check - the user flips their own owner flag, then re-authenticates to receive an admin JWT granting full system access. Disclosed by VulnCheck with a vendor fix committed upstream; no public exploit identified at time of analysis and it is not listed in CISA KEV.
A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass authentication via a brute force attack. [CVSS 6.5 MEDIUM]