exploitDog

GHSA-cjm4-2f5j-r6xx

Опубликовано: 14 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user.

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user.

Ссылки

EPSS

Процентиль: 42%

0.00201

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2023-43901

CVSS3: 5.9

nvd

около 2 лет назад

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user.

EPSS

Процентиль: 42%

0.00201

Низкий

5.9 Medium

CVSS3

CVE ID

Дефекты

CWE-284