CVE-2023-3305
CVE-2023-3305 affects C-DATA Web Management System (up to 20230607), specifically the User Creation Handler component. The vulnerability lies in the file /cgi-bin/jumpto.php?class=user&page=config_save&isphp=1 where manipulating the user/newpassword parameter grants improper access control. It al...