CVE-2021-37791
CVE-2021-37791 affects MyAdmin v1.0 and is caused by an incorrect access control in the /api/user/userData?userCode=admin endpoint, exposing personal center data. The NVD entry lists CVSSv2 4.0 (MEDIUM) and CVSSv3.1 4.9 (MEDIUM); impact is confidentiality-only in CVSSv2 and high confidentiality i...