Описание
It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to access private areas and/or areas intended for other roles. The vulnerability has been identified at least in the file or path ‘/app/tools.html’.
EPSS
Процентиль: 39%
0.00173
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
около 1 года назад
It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to access private areas and/or areas intended for other roles. The vulnerability has been identified at least in the file or path ‘/app/tools.html’.
EPSS
Процентиль: 39%
0.00173
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-287