CVE-2023-7226

Name of the Vulnerable Software and Affected Versions meetyoucrop big-whale version 1.1

Description A critical issue affects some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the id argument leads to improper ownership management. The attack may be launched remotely.

Recommendations For meetyoucrop big-whale version 1.1, consider disabling access to the /auth/user/all.api endpoint until a patch is available. Restrict the manipulation of the id argument to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.