2 matches found
CVE-2022-34012
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of high-level administrators who hold greater privileges...
CVE-2022-34012
CVE-2022-34012 affects OneBlog v2.3.4. The issue is insecure permissions that let low-privilege administrators reset passwords of higher-privilege admins, implying a privilege-override flaw in authorization controls. The root cause is improper privilege checks within OneBlog’s admin flows. Docume...