CVE-2023-30550

Name of the Vulnerable Software and Affected Versions MeterSphere versions prior to 2.9.0

Description The issue is an IDOR vulnerability that allows the administrator of a project to modify other projects under the workspace, potentially granting an attacker some operating permissions. MeterSphere is an open source continuous testing platform that covers functions such as test tracking, interface testing, UI testing, and performance testing.

Recommendations For versions prior to 2.9.0, update to version 2.9.0 to resolve the issue. As a temporary workaround, consider restricting project modification permissions to minimize the risk of exploitation.