PT-2021-23540 · Unknown · Topease Platform
Published
2021-11-30
·
Updated
2022-08-09
·
CVE-2021-42116
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TopEase Platform versions prior to 7.1.28
Description
The issue allows an authenticated remote attacker to bypass access controls and view sensitive components, such as the Shape Editor and Settings, which are intended for higher-privileged users. This can be achieved by identifying these components in the front-end source code or through other means.
Recommendations
For versions prior to 7.1.28, update to version 7.1.28 or later to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Topease Platform