Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 2:49 p.m.10 views

CVE-2025-26369

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to add privileges to user groups via crafted HTTP requests...

8.8CVSS6.7AI score0.0053EPSS
Exploits0References1
Circl
Circl
added 2025/02/12 2:48 p.m.8 views

CVE-2025-26369

creationtimestamp| type| source ---|---|--- 2025-02-12 14:48:41+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113991464860891130 2025-02-12 15:09:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lhyhdyvuzr22 2025-02-12 15:37:02+00:00| seen|...

8.8CVSS4.8AI score0.0053EPSS
Exploits0References9
OSV
OSV
added 2025/02/12 2:15 p.m.7 views

CVE-2025-26369

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to add privileges to user groups via crafted HTTP requests...

8.8CVSS5.8AI score0.0053EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/12 1:29 p.m.9 views

CVE-2025-26369

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to add privileges to user groups via crafted HTTP requests...

8.8CVSS8.6AI score0.0053EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/12 1:29 p.m.17 views

CVE-2025-26369

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to add privileges to user groups via crafted HTTP requests...

8.8CVSS0.0053EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:29 p.m.73 views

CVE-2025-26369

CVE-2025-26369 affects Q-Free MaxTime (MaxTime 2.11.0 and earlier). The issue is a CWE-862 Missing Authorization in maxprofile/user-groups/routes.lua, enabling an authenticated (low-privileged) attacker to add privileges to user groups via crafted HTTP requests. The underlying root cause is missi...

8.8CVSS8.6AI score0.0053EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder