exploitDog

GHSA-5rmh-f225-qfjh

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.

In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.

Ссылки

EPSS

Процентиль: 59%

0.00381

Низкий

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2020-11561

CVSS3: 8.8

nvd

почти 6 лет назад

In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.

EPSS

Процентиль: 59%

0.00381

Низкий

CVE ID

Дефекты

CWE-269