Описание
A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mealie:mealie:2.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00227
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 5.4
github
11 месяцев назад
A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household.
EPSS
Процентиль: 45%
0.00227
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-862