4.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.3%
Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field.
github.com/prototypejs/prototype/blob/master/CHANGELOG
medium.com/%40vbharad/improper-access-control-vulnerability-in-prototype-1-6-0-1-framework-379cc3a05079