Multi Factor Authentication Token Improperly Validated On User Login
Package
RACTF Core
(django)
Affected versions
>c57a4d186bfc586ad3edfe4dcba9f11efbf22f09
Patched versions
cebb67bd16a8296121201805332365ffccb29638
Impact
Users with multi factor authentication enabled are able to log in without a valid token.
Patches
Patched in commit cebb67b
Workarounds
There are no workarounds available at this time.
References
c57a4d1#diff-60c444c47c061306f2dff5bf97c07810f40f949a8e94ecbb609b6b29364c8642R130-R152
For more information
If you have any questions or comments about this advisory: