Lucene search
Veracode Vulnerability DatabaseVERACODE:34115HistoryFeb 09, 2022 - 7:25 a.m.
Business Logic Errors
2022-02-0907:25:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
48.3%
publify_core is vulnerable to business logic errors. The vulnerability exists in update_params function of content_controller.rb because the password field present in the form is not accepted by the controller which allows an attacker to exploit this flaw since the article is always public.
| CPE | Name | Operator | Version |
|---|---|---|---|
| publify_core | le | 9.2.6 | |
| publify_core | le | 9.2.6 |
Related
nvd
nvd
CVE-2022-0524
2022-02-08 22:15:07
cve
cve
CVE-2022-0524
2022-02-08 22:15:07
cvelist
cvelist
CVE-2022-0524 Business Logic Errors in publify/publify
2022-02-08 22:00:17
huntr
huntr
Business Logic Errors in publify/publify
2022-02-03 12:31:50
osv
osv
Publify Business Logic Errors
2022-02-09 00:00:27
BIT-publify-2022-0524
2024-03-06 11:04:12
CVE-2022-0524
2022-02-08 22:15:07
prion
prion
Code injection
2022-02-08 22:15:00
github
github
Publify Business Logic Errors
2022-02-09 00:00:27