CVE-2022-4235

Description

RushBet version 2022.23.1-b490616d allows a remote attacker to steal customer accounts via use of a malicious application. This is possible because the application exposes an activity and does not properly validate the data it receives.

Related CPE's

a rushstreetinteractive rushbet 2022.23.1-b490616d *******

References

https://fluidattacks.com/advisories/miller/

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io