5 matches found
Marval MSM Cross-Site Request Forgery Vulnerability
Marval MSM is an innovative IT service management software from Marval UK. The Marval MSM v14.19.0.12476 release has a cross-site request forgery vulnerability that can be exploited by an attacker to disable 2FA by sending a malicious form to a user...
Improper access control
Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys...
CVE-2022-31883
Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference IDOR vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys...
CVE-2022-31883
Marval MSM v14.19.0.12476 is affected by an Insecure Direct Object Reference (IDOR) vulnerability. A low-privilege user can view other users’ API keys, including Admins’ API keys. Root cause: IDOR flaw in the application’s handling of user/API key access. Impact stated in the provided sources is ...
CVE-2022-31883
Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference IDOR vulnerability. A low privilege user is able to see other users API Keys including the Admins API Keys...