CVE-2023-2902

Name of the Vulnerable Software and Affected Versions NFine Rapid Development Platform version 20230511

Description A vulnerability was found in the NFine Rapid Development Platform, affecting some unknown functionality of the file "/SystemManage/Organize/GetTreeGridJson? search=false&nd=1681813520783&rows=10000&page=1&sidx=&sord=asc". The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For NFine Rapid Development Platform version 20230511, consider restricting access to the "/SystemManage/Organize/GetTreeGridJson" API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.