@curveball/a12n-server uses insecure access controls. Inadequate permissiosn check allows any authenticated user to perform unauthorized editting of other users’ information.
CPE | Name | Operator | Version |
---|---|---|---|
@curveball/a12n-server | le | 0.18.1 | |
a12n-server | le | 0.15.3 |