Lucene search
MitreCVE-2023-36339HistoryJul 21, 2023 - 8:15 p.m.
CVE-2023-36339
2023-07-2120:15:15
CWE-863
mitre
web.nvd.nist.gov
14
cve-2023-36339
access control
webboss.io cms
security issue
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
50.8%
An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request.
Affected configurations
Node
webbosswebboss.io_cmsRange<3.7.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| webboss | webboss.io_cms | * | cpe:2.3:a:webboss:webboss.io_cms:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2023-07-21 20:15:00
cvelist
cvelist
CVE-2023-36339
2023-07-21 00:00:00
nvd
nvd
CVE-2023-36339
2023-07-21 20:15:15
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
50.8%
Related for CVE-2023-36339