[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":42,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":49,"vulnerability-3299":55,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":85},[4,15,21,30,37],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[27],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":31,"slug":32,"text":33,"link":34,"external":9,"targets":35,"cta":36,"variant":13,"campaign_id":29},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[27],"Read the research",{"title":38,"slug":39,"text":24,"link":25,"external":9,"targets":40,"cta":28,"variant":13,"campaign_id":29},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[41],"/exploit-helpers/sniper",["Island",43],{"key":44,"params":45,"result":47},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":46},"{}",{"head":48},{},["Island",50],{"key":51,"params":52,"result":53},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":46},{"head":54},{},{"id":56,"detectable_with":57,"vuln_details":64,"vuln_id":82,"name":83,"published":84,"updated":65},3299,{"tool":58,"engine":61},{"id":59,"name":60},1,"Network Scanner",{"id":62,"name":63},2,"Nuclei",{"id":56,"codename":65,"description":65,"severity":66,"risk_description":67,"public_description":68,"public_recommendation":69,"recommendation":65,"references":70,"cvssv3":76,"epss_score":77,"epss_percentile":78,"cve":79,"in_cisa_catalog":9,"date":81,"software_type":65,"vendor":65,"product":65,"ptt_exploit_capabilities":65},null,"critical","Unauthenticated attackers can bypass authentication by forging JWT tokens with \"none\" algorithm to access SharePoint Server APIs, potentially gaining elevated privileges and accessing sensitive documents, user information, and SharePoint site configurations.","Microsoft SharePoint Server Elevation of Privilege Vulnerability","Apply Microsoft security patches from MSRC update guide CVE-2023-29357 that properly validates JWT token signatures and prevents authentication bypass in SharePoint Server.",[71,72,73,74,75],"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357","https://srcincite.io/advisories/src-2020-0022/","https://github.com/Chocapikk/CVE-2023-29357","https://sec.vnpt.vn/2023/08/phan-tich-cve-2023-29357-microsoft-sharepoint-validatetokenissuer-authentication-bypass-vulnerability/","https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/",9.8,0.99618,0.99945,[80],"CVE-2023-29357","2023-06-14T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2023-29357","Microsoft SharePoint - Authentication Bypass","2023-09-30T00:00:00Z",["Island",86],{"key":87,"params":88,"result":90},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":89},"{\"text-color\":\"gray\"}",{"head":91},{}]