exploitDog

CVE-2023-43194

Опубликовано: 02 нояб. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter.

Ссылки

https://fuchai.net/cve/CVE-2023-43194
Exploit
Third Party Advisory
https://github.com/Submitty/Submitty/pull/8032
Patch
Vendor Advisory
https://fuchai.net/cve/CVE-2023-43194
Exploit
Third Party Advisory
https://github.com/Submitty/Submitty/pull/8032
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rcos:submitty:22.06.00:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00236

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-48x9-64j6-vm38

CVSS3: 5.3

github

больше 2 лет назад

Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter.

EPSS

Процентиль: 46%

0.00236

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862