CVSS | |
---|---|
DESCRIPTION | A vulnerability in the expo.io framework allows an attacker to take over accounts and steal credentials on an application/website that configured the "Expo AuthSession Redirect Proxy" for social sign-in. This can be achieved once a victim clicks a malicious link. The link itself may be sent to the victim in various ways (including email, text message, an attacker-controlled website, etc.). |
HEAT SCORE | 89 |
DATE | TWEETS | USER |
---|---|---|
2023-05-29 04:10:07 | Critical OAuth vulnerability allows account hijacking. CVE-2023-28131, has a severity rating of 9.6 for the Open A… https://t.co/yjJgfWytKJ https://twitter.com/i/web/status/1663034526598144005 | FAllendesF |
2023-05-28 12:20:36 | #exploit 1. CVE-2023-2825: Path traversal vulnerability in GitLab 16.0.0 https://t.co/hNOOCtoxru 2. CVE-2023-28131… https://t.co/tcNppZ111i https://github.com/Occamsec/CVE-2023-2825 https://twitter.com/i/web/status/1662794153036505094 | ksg93rd |
2023-05-28 11:10:13 | An article explaining CVE-2023-28131, a vulnerability in expo's OAuth authorization flow. The attack method is very simple. https://t.co/jismEPLGwk https://salt.security/blog/a-new-oauth-vulnerability-that-may-impact-hundreds-of-online-services | yuuhu04 |
2023-05-26 10:21:07 | Vulnerability in Expo CVE-2023-28131, a popular framework used by many online services to implement… https://t.co/VhF1vtCRKK https://twitter.com/i/web/status/1662039769524711424 | elhackernet |
2023-05-25 21:30:24 | CVE-2023-28131 is nasty | decodebytes |
2023-05-25 11:50:40 | #OAuth A vulnerability in the expo-auth-session library warrants the assignment of CVE-2023-28131. Looting accounts, personal data… https://t.co/PyGBCX54ei https://twitter.com/i/web/status/1661700916603506690 | bytecodevm |
2023-05-24 23:00:50 | The OAuth functionality of the application development platform Expo has a vulnerability (CVE-2023-28131) that allows credentials to be stolen by luring a victim to a crafted link. The social login component's AuthSession Pr… https://t.co/YJTBD2uB7e https://twitter.com/i/web/status/1661506750745571329 | __kokumoto |
2023-05-24 14:20:53 | Just discovered another critical OAuth vulnerability (CVE-2023-28131) that impacts hundreds of companies. This i… https://t.co/HHLmblMVrA https://twitter.com/i/web/status/1661375656578412546 | AviadCarmel |
2023-04-24 12:53:43 | Hi, I'm CVE-2023-28131. I was never good with numbers though, so you can call me Hideous Spadefish https://t.co/YEaN1uFQeR https://nvd.nist.gov/vuln/detail/CVE-2023-28131 | vulnonym |
2023-04-24 11:21:20 | CVE-2023-28131 A vulnerability in the https://t.co/T0MnaPVOIs framework allows an attacker to take over accounts a… https://t.co/baH6qFPMmo http://expo.io https://twitter.com/i/web/status/1650457078425608192 | VulmonFeeds |
2023-04-24 10:24:37 | New post from https://t.co/uXvPWJy6tj (CVE-2023-28131) has been published on https://t.co/VwuonjiXhI http://www.sesin.at https://www.sesin.at/2023/04/24/cve-2023-28131/ | WolfgangSesin |
2023-04-24 10:23:49 | New post from https://t.co/9KYxtdZjkl (CVE-2023-28131) has been published on https://t.co/GYZVuhjRo1 http://www.sesin.at https://www.sesin.at/2023/04/24/cve-2023-28131/ | www_sesin_at |
2023-04-24 08:50:43 | New post from https://t.co/uXvPWJy6tj (CVE-2023-28131 | Expo Framework AuthSession Redirect Proxy redirect) has bee… https://t.co/xEhKRDshD8 http://www.sesin.at https://twitter.com/i/web/status/1650420808391577601 | WolfgangSesin |
2023-04-24 08:50:35 | New post from https://t.co/9KYxtdZjkl (CVE-2023-28131 | Expo Framework AuthSession Redirect Proxy redirect) has bee… https://t.co/xHaDQiBxuw http://www.sesin.at https://twitter.com/i/web/status/1650420810924826624 | www_sesin_at |
2023-04-24 06:11:00 | CVE-2023-28131 A vulnerability in the https://t.co/a0ygvKgk34 framework allows an attacker to take over accounts an… https://t.co/TCBjF3l8Sj http://expo.io https://twitter.com/i/web/status/1650379139591856132 | CVEnew |
2023-04-24 05:30:37 | 🚨 NEW: CVE-2023-28131 🚨 A vulnerability in the https://t.co/83nuo1eO8P framework allows an attacker to take over ac… https://t.co/Nu2jbRJHYK http://expo.io https://twitter.com/i/web/status/1650370718331199489 | threatintelctr |
2023-04-24 05:10:28 | CVE-2023-28131 : A vulnerability in the https://t.co/CYcIn80PCj framework allows an attacker to take over accounts… https://t.co/PG3q8q2lG4 http://expo.io https://twitter.com/i/web/status/1650365227018469377 | CVEreport |