2 matches found
CVE-2021-43781
creationtimestamp| type| source ---|---|--- 2021-12-06 20:20:53+00:00| seen| https://t.me/cibsecurity/33396...
CVE-2021-43781
CVE-2021-43781 concerns Invenio-Drafts-Resources. The issue: versions prior to 0.13.7 and 0.14.6 fail to enforce permissions when publishing a record, allowing an authenticated user to publish draft records belonging to others via REST API if the record ID is known and the draft passes validation...