5 matches found
Bonita Web 2021.2 - Authentication/Authorization Bypass
Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL. id:...
CVE-2022-25237
Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...
CVE-2022-25237
CVE-2022-25237 concerns Bonita Web 2021.2. An authentication/authorization bypass occurs due to an overly broad exclude pattern in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API endpoint...
CVE-2022-25237
creationtimestamp| type| source ---|---|--- 2022-05-25 09:37:36+00:00| published-proof-of-concept| https://t.me/TopCyberTechNews/17 2025-01-21 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-21 2025-03-15 00:00:00+00:00| seen| The Shadowserver...
CVE-2022-25237: Bonitasoft Authorization Bypass and RCE
The post CVE-2022-25237: Bonitasoft Authorization Bypass and RCE appeared first on Rhino Security Labs...