Lucene search
+L

5 matches found

NVD
NVD
added 5 hours ago5 views

CVE-2026-63100

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the beforeaction ensureadmin filte...

7.1CVSS
Exploits0References2
Cvelist
Cvelist
added 5 hours ago9 views

CVE-2026-63100 Maybe 0.6.0 Missing Authorization via HostingsController show/update

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the beforeaction ensureadmin filte...

7.1CVSS
Exploits0References2
CVE
CVE
added 5 hours ago8 views

CVE-2026-63100

CVE-2026-63100 describes a missing authorization vulnerability in the Settings::HostingsController (through version 0.6.0). Authenticated low-privilege member-role users can access and modify global hosting settings because the before_action ensure_admin filter is only applied to the clear_cache ...

7.1CVSS5.3AI score
Exploits0References2
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-45199

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the beforeaction ensureadmin filte...

7.1CVSS5.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago4 views

PT-2026-60793

Maybe through 0.6.0 contains a missing authorization vulnerability that allows authenticated low-privilege member-role users to access and modify global hosting settings by exploiting unprotected show and update actions in the Settings::HostingsController, where the before action ensure admin...

7.1CVSS5.3AI score
Exploits0References3
Rows per page
Query Builder