14Finger v1.1 was discovered to contain an arbitrary user deletion vulnerability via the component /api/admin/user?id.
9.1CVSS
7.7AI Score
0.0005EPSS
Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request.
8.8CVSS
7.2AI Score
0.001EPSS