Описание
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2025.01 (исключая)
cpe:2.3:a:acc:dm_corporative_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00036
Низкий
7.5 High
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 7.5
github
5 месяцев назад
An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the option parameter equal to 0, 1 or 2 in /administer/selectionnode/framesSelectionNetworks.asp.
EPSS
Процентиль: 10%
0.00036
Низкий
7.5 High
CVSS3
Дефекты
CWE-639