CVE-2022-4980
General Bytes CAS suffered an authentication bypass in the admin web interface affecting versions 20201208–20220531.38 (backport) and 20220725.22 (mainline). An unauthenticated attacker could hit the default/install/first-admin page to create a new admin account, gain privileges, and redirect fun...