CVE-2024-31759

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions sanluan PublicCMS version 4.0.202302.e

Description An issue in the software allows an attacker to escalate privileges via the change password function.

Recommendations For sanluan PublicCMS version 4.0.202302.e, consider disabling the change password function until a patch is available. Restrict access to the change password functionality to minimize the risk of exploitation.

Exploit

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2024-31759

Affected Products

Publiccms

CVE-2024-31759

Weakness Enumeration

Related Identifiers

Affected Products

References · 9