Lucene search
CVE-2023-22487
Flarum forum software mentions feature vulnerability allows leaking of post details and full JSON:API payload, enabling access to all posts in the forum database
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | Design/Logic Flaw | 11 Jan 202320:15 | – | prion |
 | CVE-2023-22487 Post mentions can be used to read any post on the forum without access control | 11 Jan 202319:49 | – | cvelist |
 | CVE-2023-22487 Post mentions can be used to read any post on the forum without access control | 11 Jan 202319:49 | – | vulnrichment |
 | Flarum post mentions can be used to read any post on the forum without access control | 10 Jan 202322:19 | – | osv |
 | Information Disclosure | 22 Jan 202314:22 | – | veracode |
 | CVE-2023-22487 | 11 Jan 202320:15 | – | nvd |
 | Flarum post mentions can be used to read any post on the forum without access control | 10 Jan 202322:19 | – | github |
[
{
"vendor": "flarum",
"product": "framework",
"versions": [
{
"version": "< 1.6.3",
"status": "affected"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo11 Jan 2023 20:15Current
4.7Medium risk
Vulners AI Score4.7
CVSS34.3 - 7.7
EPSS0.00066
SSVC