Количество 2
Количество 2
CVE-2024-57190
8 месяцев назад
Erxes <1.6.1 is vulnerable to Incorrect Access Control. An attacker can bypass authentication by providing a "User" HTTP header that contains any user, allowing them to talk to any GraphQL endpoint.
CVSS3: 9.8
EPSS: Низкий
GHSA-7rhv-xm4q-wh42
8 месяцев назад
Erxes Incorrect Access Control vulnerability
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-57190 Erxes <1.6.1 is vulnerable to Incorrect Access Control. An attacker can bypass authentication by providing a "User" HTTP header that contains any user, allowing them to talk to any GraphQL endpoint. | CVSS3: 9.8 | 0% Низкий | 8 месяцев назад |
| GHSA-7rhv-xm4q-wh42 Erxes Incorrect Access Control vulnerability | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу
20