Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday11 views

Bonita Web 2021.2 - Authentication/Authorization Bypass

Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL. id:...

9.8CVSS7AI score0.56222EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.9 views

CVE-2022-25237

Bonita Web 2021.2 is affected by a authentication/authorization bypass vulnerability due to an overly broad exclude pattern used in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API...

9.8CVSS7.7AI score0.56222EPSS
Exploits1References1
CVE
CVE
added 2022/05/27 4:48 p.m.725 views

CVE-2022-25237

CVE-2022-25237 concerns Bonita Web 2021.2. An authentication/authorization bypass occurs due to an overly broad exclude pattern in the RestAPIAuthorizationFilter. By appending ;i18ntranslation or /../i18ntranslation/ to the end of a URL, users with no privileges can access privileged API endpoint...

9.8CVSS9.6AI score0.56222EPSS
In wildExploits1References2Affected Software1
Circl
Circl
added 2022/05/25 9:37 a.m.620 views

CVE-2022-25237

creationtimestamp| type| source ---|---|--- 2022-05-25 09:37:36+00:00| published-proof-of-concept| https://t.me/TopCyberTechNews/17 2025-01-21 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-21 2025-03-15 00:00:00+00:00| seen| The Shadowserver...

9.8CVSS7.3AI score0.56222EPSS
In wildExploits1References5
Rhino Security Labs
Rhino Security Labs
added 2022/05/24 12:46 p.m.48 views

CVE-2022-25237: Bonitasoft Authorization Bypass and RCE

The post CVE-2022-25237: Bonitasoft Authorization Bypass and RCE appeared first on Rhino Security Labs...

7.5CVSS3.3AI score0.56222EPSS
Exploits1
Rows per page
Query Builder