CVE-2022-0574

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions publify/publify versions prior to 9.2.8

Description The issue concerns improper access control in the GitHub repository publify/publify. It allows anonymous users to leave comments on articles in draft mode, even though they cannot view these articles.

Recommendations For versions prior to 9.2.8, update to version 9.2.8 or later to resolve the issue.

Exploit

Fix

Incorrect Authorization

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-284

Related Identifiers

BIT-PUBLIFY-2022-0574

CVE-2022-0574

GHSA-79M3-Q3WH-C3QM

Affected Products

Publify

CVE-2022-0574

Weakness Enumeration

Related Identifiers

Affected Products

References · 10