2 matches found
CVE-2024-5685 Broken Function Level Authorization (BFLA) in snipe/snipe-it
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it: from v4.6.17 through v6.4.1...
Navigating the Sea, Exploiting DigitalOcean APIs
Cloud service providers are now fundamental elements of internet infrastructure, granting organizations and individuals the ability to scale and efficiently store, manage, and process data. DigitalOcean is one such provider, well-regarded for its simplicity and developer-friendly platform, and...