Описание
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific finding, not a finding about the Squiz Matrix CMS product.
Ссылки
- Not Applicable
- Broken Link
- Not Applicable
- Broken Link
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:squiz:matrix:6.20:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00297
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details.
EPSS
Процентиль: 53%
0.00297
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-639