3 matches found
CVE-2023-43901
Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...
Improper access control
Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user...
CVE-2023-43901
EMSigner v2.8.7 is affected by an incorrect access control in the AdHoc User creation form that allows an unauthenticated attacker to arbitrarily modify usernames and privileges by using a registered user’s email address. The issue is tied to the AdHoc User creation flow (root cause: improper acc...