Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 5:6 p.m.10 views

CVE-2026-46425 Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

9.9CVSS5.8AI score0.00286EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/06/07 12:0 a.m.8 views

The vulnerability of SCIM (System of Cross-domain Identity Management) function of the Git-based software platform for collaborative code development on GitLab arises from the ability to invite arbitrary users through their user names and email addresses. This allows a malicious actor to gain control over user accounts by modifying their email addresses.

The vulnerability of SCIM System of Cross-domain Identity Management in the Git-based software platform for collaborative code development on GitLab relates to the ability to invite arbitrary users through their user names and email addresses. Exploiting this vulnerability could allow a malicious...

9.6CVSS8.2AI score0.15471EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.6 views

GitLab 访问控制错误漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. An Access Control Error vulnerability exists in GitLab Community Edition and GitLab...

9.9CVSS8.6AI score0.15471EPSS
Exploits0References5
Rows per page
Query Builder