Описание
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.8.3 (исключая)
cpe:2.3:a:pleasantsolutions:pleasant_password_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00265
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3.
EPSS
Процентиль: 50%
0.00265
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-863