AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access all user information via a crafted GET request.
github.com/b1ackc4t/14Finger/issues/12