CVE-2024-29316
CVE-2024-29316 involves NodeBB 3.6.7 with an Incorrect Access Control vulnerability. A low-privilege attacker can access restricted Admin tabs by setting a parameter (e.g., isadmin: true), as described in multiple connected documents. The root cause is insufficient access control checks that perm...