3 matches found
CVE-2023-0609 Improper Authorization in wallabag/wallabag
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3...
CVE-2023-0609 Improper Authorization in wallabag/wallabag
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3...
CVE-2023-0609
wallabag prior to 2.5.3 contains an Improper Authorization vulnerability via the export feature that allows insecure direct object reference (IDOR) to view other users’ entries. Root cause: missing ownership validation in the export/download path (exportEntry). Impact: potential exposure of user ...