{"id":"CVE-2019-1020010","details":"Misskey before 10.102.4 allows hijacking a user's token.","modified":"2026-04-10T04:13:52.657237Z","published":"2019-07-29T13:15:11.683Z","related":["GHSA-6qw9-6jxq-xj3p"],"references":[{"type":"EVIDENCE","url":"https://github.com/syuilo/misskey/security/advisories/GHSA-6qw9-6jxq-xj3p"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/syuilo/misskey","events":[{"introduced":"8f58e7208dee78f8ecf945bf51b86d39dce0b1e1"},{"fixed":"ea60565b0d2cfe5b13ed87d65ef2acb90d42b5be"},{"introduced":"d66e4b7ff97d512e2a2523815e2eef170456b37f"},{"fixed":"95b1e1a21d82567cb4e7802fa23e87692b33c1fa"}],"database_specific":{"versions":[{"introduced":"10.46.0"},{"fixed":"10.102.4"},{"introduced":"11.0.0"},{"fixed":"11.20.2"}]}}],"versions":["10.100.0","10.46.0","10.46.1","10.46.2","10.47.0","10.48.0","10.48.1","10.49.0","10.49.1","10.49.2","10.49.3","10.49.4","10.49.5","10.49.6","10.49.7","10.50.0","10.51.0","10.51.1","10.51.2","10.52.0","10.53.0","10.54.0","10.55.0","10.56.0","10.56.1","10.56.2","10.57.0","10.57.1","10.57.2","10.57.3","10.58.0","10.58.1","10.58.2","10.59.0","10.59.1","10.59.2","10.59.3","10.59.4","10.60.0","10.60.1","10.60.2","10.60.3","10.60.4","10.61.0","10.62.0","10.62.1","10.62.2","10.63.0","10.63.1","10.64.0","10.64.1","10.64.2","10.65.0","10.66.0","10.66.1","10.66.2","10.67.0","10.68.0","10.69.0","10.70.0","10.70.1","10.71.0","10.72.0","10.73.0","10.74.0","10.75.0","10.76.0","10.77.0","10.78.0","10.78.1","10.78.2","10.78.3","10.78.4","10.78.5","10.79.0","10.79.1","10.80.0","10.81.0","10.82.0","10.82.1","10.82.2","10.82.3","10.82.4","10.83.0","10.84.0","10.84.1","10.84.2","10.85.0","10.85.1","10.85.2","10.86.0","10.86.1","10.86.2","10.87.0","10.87.1","10.87.2","10.87.3","10.87.4","10.87.5","10.88.0","10.89.0","10.89.1","10.90.0","10.90.1","10.90.2","10.90.3","10.90.4","10.91.0","10.91.1","10.91.2","10.92.0","10.92.1","10.92.2","10.92.3","10.92.4","10.93.0","10.93.1","10.94.0","10.95.0","10.96.0","10.97.0","10.97.1","10.97.2","10.98.0","10.98.1","10.98.2","10.98.3","10.99.0","11.0.0","11.0.1","11.0.2","11.0.3","11.1.0","11.1.1","11.1.2","11.1.3","11.1.4","11.1.5","11.1.6","11.10.0","11.10.1","11.11.0","11.11.1","11.11.2","11.12.0","11.13.0","11.14.0","11.15.0","11.16.0","11.16.1","11.17.0","11.17.1","11.18.0","11.18.1","11.19.0","11.19.1","11.2.0","11.2.1","11.2.2","11.20.0","11.20.1","11.3.0","11.3.1","11.4.0","11.5.0","11.5.1","11.6.0","11.7.0","11.8.0","11.8.0-2","11.8.1","11.9.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha10"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha3"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha4"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha5"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha6"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha7"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-alpha8"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta1"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta10"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta11"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta12"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta13"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta14"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta15"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta16"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta3"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta4"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta5"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta6"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta7"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta8"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.0-beta9"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1020010.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}