3 matches found
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
CVE-2019-12782
An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 before 5.1.2 allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively...
CVE-2019-12782
CVE-2019-12782 affects ThoughtSpot 4.4.1–5.1.1 (before 5.1.2). An authorization bypass in pinboard updates allows a low-privilege user with write access to at least one pinboard to corrupt or delete other users’ pinboards by spoofing GUIDs in pinboard update requests. CVSS v3 base score 8.1 (High...