Количество 2
Количество 2
CVE-2022-22108
In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the absences of all users in the system including administrators. This type of user is not authorized to view this kind of information.
GHSA-frxp-xxx8-hrg6
Missing Authorization in DayByDay CRM
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-22108 In Daybyday CRM, versions 2.0.0 through 2.2.0 are vulnerable to Missing Authorization. An attacker that has the lowest privileges account (employee type user), can view the absences of all users in the system including administrators. This type of user is not authorized to view this kind of information. | CVSS3: 4.3 | 0% Низкий | около 4 лет назад |
| GHSA-frxp-xxx8-hrg6 Missing Authorization in DayByDay CRM | CVSS3: 4.3 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу