exploitDog

GHSA-wqr4-qr3f-x2r4

Опубликовано: 01 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.6

Описание

Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2.

Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2.

Ссылки

EPSS

Процентиль: 44%

0.00215

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2025-31415

CVSS3: 7.6

nvd

10 месяцев назад

Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2.

EPSS

Процентиль: 44%

0.00215

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-862