exploitDog

GHSA-gc28-55g9-f45f

Опубликовано: 20 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.

ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.

Ссылки

EPSS

Процентиль: 94%

0.13435

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-281

Связанные уязвимости

CVE-2022-38577

CVSS3: 8.8

nvd

больше 3 лет назад

ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.

EPSS

Процентиль: 94%

0.13435

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-281