12 matches found
Bonita Web 2021.2 - Authentication/Authorization Bypass
Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL. id:...
CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
VulnCheck KEV: CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
Bonitasoft Bonita Web 安全漏洞
Bonitasoft Bonita Web is an open source business process management and low-code development platform for the Bonitasoft community. A security vulnerability exists in Bonitasoft Bonita Web versions prior to 2023.2-u2, which stems from a stored cross-site scripting attack that is allowed via a UI...
Bonitasoft Bonita Web 代码问题漏洞
Bonitasoft Bonita Web is an open source business process management and low-code development platform for the Bonitasoft community. A code issue vulnerability exists in Bonitasoft Bonita Web 1.3.0 and prior versions, which stems from its...
Bonitasoft Bonita Web Authorization Bypass (CVE-2022-25237)
An authorization bypass vulnerability exists in Bonitasoft Bonita Web. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code...
CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
Authorization
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
Bonita Web 安全漏洞
Bonitasoft Bonita Web is an open source business process management and low-code development platform for the Bonitasoft community. A security vulnerability exists in Bonita Web version 2021.2 that stems from Bonita Web being affected by an authentication/authorization bypass vulnerability. An...
CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
CVE-2022-25237
CVE-2022-25237 concerns Bonita Web 2021.2. An authentication/authorization bypass occurs due to an overly broad exclude pattern in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API endpoint...