Описание
All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2.
EPSS
Процентиль: 9%
0.00033
Низкий
Дефекты
CWE-639
Связанные уязвимости
github
11 дней назад
askbot inexhaustive permissions check allows any user to modify a different user's profile picture
EPSS
Процентиль: 9%
0.00033
Низкий
Дефекты
CWE-639