Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the album identification (id).
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-10-03T12:23:24.533Z
Updated: 2023-10-03T12:23:24.533Z
Reserved: 2023-05-11T08:48:57.515Z
Link: CVE-2023-32669
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-03T13:15:10.077
Modified: 2023-10-04T21:07:05.703
Link: CVE-2023-32669
JSON object: View
Redhat Information
No data.
CWE