EPSS
Percentile
21.4%
publify_core is vulnerable to improper access control. The vulnerability exists in the update function in content_controller.rb due to improper validation of user permissions which allows an unauthorized user to modify the data in the system.
update
content_controller.rb
github.com/advisories/GHSA-c273-c6vg-4pv5
github.com/publify/publify/commit/c0aba87844d1e47da50c0d99a3465164a4d244ce
github.com/publify/publify/pull/1065
huntr.dev/bounties/9b2d7579-032e-42da-b736-4b10a868eacb