CVE-2011-2674

CVE-2011-2674

EPSS 1.3%

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://basercms.net/patch/JVN09789751 http://jvndb.jvn.jp/jvndb/JVNDB-2011-000066 http://jvn.jp/en/jp/JVN16617002/index.html