Описание
This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API request URL to gain unauthorized access to other user accounts.
EPSS
Процентиль: 47%
0.00245
Низкий
Дефекты
CWE-863
Связанные уязвимости
github
11 месяцев назад
This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API request URL to gain unauthorized access to other user accounts.
CVSS3: 6.8
fstec
11 месяцев назад
Уязвимость компонента API Endpoint бэк-офисного приложения Rising Technosoft CAP Back Office Application, позволяющая нарушителю получить несанкционированный доступ к учетным записям
EPSS
Процентиль: 47%
0.00245
Низкий
Дефекты
CWE-863