SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication.
References
Link | Resource |
---|---|
https://github.com/thomasfady/CVE-2020-25867 | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-07T20:55:32
Updated: 2020-10-07T20:55:32
Reserved: 2020-09-24T00:00:00
Link: CVE-2020-25867
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-10-07T21:15:15.023
Modified: 2020-10-15T14:12:15.387
Link: CVE-2020-25867
JSON object: View
Redhat Information
No data.
CWE