CVE-2022-27958

Published April 10th, 2022

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

5.5

MEDIUM

Affected

PROJECT

Description

Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information.

afeng2016-s/CVE-RequestUNAVAILABLE

Apply for details and proof of concept of CVE vulnerability.

GitHub