exploitDog

CVE-2022-38935

Опубликовано: 15 фев. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges.

Ссылки

https://github.com/yourkevin/NiterForum/issues/25
Exploit
Issue Tracking
Vendor Advisory
https://github.com/yourkevin/NiterForum/issues/25
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:niter:niterforum:2.5.0:beta:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00235

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-cq97-3wpv-2v7v

CVSS3: 8.8

github

почти 3 года назад

An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges.

EPSS

Процентиль: 46%

0.00235

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284