Youssef Rebahi-Gilbert discovered that Monit did not properly process credentials for disabled accounts. An attacker could possibly use this issue to login to the platform with an expired account and a valid password.
Continue reading...
Continue reading...