exploitDog

GHSA-jwpf-9r93-rx97

Опубликовано: 12 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.

A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.

Ссылки

EPSS

Процентиль: 95%

0.19726

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2022-22572

CVSS3: 8.8

nvd

почти 4 года назад

A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.

EPSS

Процентиль: 95%

0.19726

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-269