CVE-2022-2631

Improper Access Control in tooljet/tooljet

CVSS 9.8 CRITICALEPSS 0.9%CWE-284

Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

tooljet · tooljet/tooljet

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/tooljet/tooljet/commit/b9fa229bcae356cbb33300b31483e97e6ea140a7 https://huntr.dev/bounties/86881f9e-ca48-49b5-9782-3c406316930c