4 matches found
CVE-2023-40362
An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known...
Design/Logic Flaw
An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known...
CVE-2023-40362
CVE-2023-40362 concerns CentralSquare Click2Gov Building Permit prior to October 2023, where a lack of authorization protections lets an attacker delete contractors from another user’s account if they know the victim’s user ID and contractor details. Connected sources confirm the vulnerability ex...
PT-2023-27412 · Centralsquare · Centralsquare Click2Gov Building Permit
Name of the Vulnerable Software and Affected Versions: CentralSquare Click2Gov Building Permit versions prior to October 2023 Description: An issue was discovered in CentralSquare Click2Gov Building Permit, where lack of access control protections allows remote attackers to arbitrarily delete...