Casey Cooper

**Name of the Vulnerable Software and Affected Versions** Rapid7 Nexpose versions 6.6.186 and below **Description** This issue allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. The vulnerability is related to forced browsing, which enables unauthorized access to sensitive areas of the system. **Recommendations** For versions 6.6.186 and below, update to version 6.6.187 to resolve the issue. As a temporary workaround, consider restricting access to administrative pages until the update can be applied.