exploitDog

GHSA-4hwx-j6w8-9w2r

Опубликовано: 21 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request.

A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request.

Ссылки

EPSS

Процентиль: 24%

0.00079

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-266

Связанные уязвимости

CVE-2025-25767

CVSS3: 4.8

nvd

12 месяцев назад

A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request.

EPSS

Процентиль: 24%

0.00079

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-266