5 matches found
CVE-2022-29773
An access control issue in aleksis/core/util/authhelpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set...
CVE-2022-29773
creationtimestamp| type| source ---|---|--- 2022-06-04 00:26:52+00:00| seen| https://t.me/cibsecurity/43835...
CVE-2022-29773
An access control issue in aleksis/core/util/authhelpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set...
CVE-2022-29773
An access control issue in aleksis/core/util/authhelpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set...
CVE-2022-29773
AlekSIS-Core vulnerability CVE-2022-29773 exists in ClientProtectedResourceMixin of aleksis/core/util/auth_helpers.py, affecting v2.8.1 and earlier. The issue is an access-control flaw that allows attackers to access arbitrary scopes when no allowed scopes are explicitly set. This finding is supp...