Описание
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-25319
- https://github.com/cerebrate-project/cerebrate/commit/a2632349175e574cd6305fa459cd7610ea09ab61
- https://zigrin.com/advisories/cerebrate-endpoints-could-be-open-when-not-enabled
- https://zigrin.com/cakephp-application-cybersecurity-research-forgotten-endpoint-authentication-bypass-with-open-prefix
Связанные уязвимости
CVSS3: 5.3
nvd
почти 4 года назад
An issue was discovered in Cerebrate through 1.4. Endpoints could be open even when not enabled.