Lucene search
@huntrdevCVELIST:CVE-2022-1810HistoryMay 23, 2022 - 12:00 a.m.
CVE-2022-1810 Authorization Bypass Through User-Controlled Key in publify/publify
2022-05-2300:00:00
CWE-639
@huntrdev
www.cve.org
2
authorization bypass
user-controlled key
github repository
publify/publify
version 9.2.9
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
AI Score
4.9
Confidence
High
EPSS
0.001
Percentile
21.4%
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9.
CNA Affected
[
{
"vendor": "publify",
"product": "publify/publify",
"versions": [
{
"version": "unspecified",
"lessThan": "9.2.9",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
Publify has Improper Access Controls
2022-05-24 00:01:48
BIT-publify-2022-1810
2024-03-06 11:03:32
CVE-2022-1810
2022-05-23 12:16:16
veracode
veracode
Improper Access Control
2022-05-24 03:32:42
huntr
huntr
Improper Access Control - Articles
2022-05-20 00:29:53
nvd
nvd
CVE-2022-1810
2022-05-23 12:16:16
cve
cve
CVE-2022-1810
2022-05-23 12:16:16
rubygems
rubygems
Improper Access Control in publify
2022-05-23 21:00:00
cnvd
cnvd
Publify Access Control Error Vulnerability
2022-05-25 00:00:00
prion
prion
Authorization
2022-05-23 12:16:00
github
github
Publify has Improper Access Controls
2022-05-24 00:01:48
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
AI Score
4.9
Confidence
High
EPSS
0.001
Percentile
21.4%
Related for CVELIST:CVE-2022-1810