CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
52.5%
One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comments by selecting a conflicting e-mail address.
Vendor | Product | Version | CPE |
---|---|---|---|
oneclickorgs | one_click_orgs | * | cpe:2.3:a:oneclickorgs:one_click_orgs:*:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.0.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.0:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.0.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.1:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.1.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.0:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.1.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.1:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.2.0 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.0:*:*:*:*:*:*:* |
oneclickorgs | one_click_orgs | 1.2.1 | cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.1:*:*:*:*:*:*:* |