exploitDog

GHSA-jw8p-xr8r-2w5h

Опубликовано: 09 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 7.1

CVSS3: 8.8

Описание

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.

Ссылки

EPSS

Процентиль: 19%

0.0006

Низкий

7.1 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2025-40670

CVSS3: 8.8

nvd

8 месяцев назад

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.

EPSS

Процентиль: 19%

0.0006

Низкий

7.1 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-863