bvqhuynh/CWX-Registration-Broken-Access-Control

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-45287 ↗	Jun 21, 2023Wednesday, 21 June 2023, 13:15	8.8 HIGH	—
An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administrative commands.
CVE-2023-34797 ↗	Jun 15, 2023Thursday, 15 June 2023, 21:15	5.4 MEDIUM	—
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information.