Описание
Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dogukanurker:flaskblog:2.6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 6.4
github
10 месяцев назад
Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.
EPSS
Процентиль: 18%
0.00056
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-862