CVE-2023-27510

2023-05-1000:00:00

jpcert

www.cve.org

jb inquiry form

exposure vulnerability

unauthorized access

AI Score

7.6

Confidence

High

EPSS

0.003

Percentile

67.9%

JSON

JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry form versions 0.6.1 and 0.6.0, JB Inquiry form versions 0.5.2, 0.5.1 and 0.5.0, and JB Inquiry form version 0.40.

CNA Affected

[
  {
    "vendor": "Jubei Inc.",
    "product": "JB Inquiry form",
    "versions": [
      {
        "version": "versions 0.6.1 and 0.6.0, versions 0.5.2, 0.5.1, and 0.5.0, and version 0.40",
        "status": "affected"
      }
    ]
  }
]

References

jubei.co.jp/formmail/info20230414.html

jvn.jp/en/jp/JVN36340790/