EPSS
Percentile
35.2%
francoisjacquet/rosariosis is vulnerable to Improper Access Control. A remote attacker is able to bypass access control mechanisms due to missing authentication checks in the assets/js/warehouse.js file which can lead to information disclosure.
assets/js/warehouse.js
github.com/advisories/GHSA-g66v-3v62-g375
github.com/francoisjacquet/rosariosis/commit/6433946abfb34324616e833b1c00d0b2450753be
huntr.dev/bounties/efe6ef47-d17c-4773-933a-4836c32db85c