Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey allows any logged-in user to obtain the private information of any other user. Critical information retrieved: * APIKEY (1 year user Session) * RefreshToken (10 minutes user Session) * Password hashed with bcrypt * User IP * Email * Full Name
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Data Illusion Zumbrunn NGSurvey 安全漏洞
Vulnerability Description
Data Illusion Zumbrunn NGSurvey是Data Illusion Zumbrunn公司的一个在线调查和数据收集平台。 Data Illusion Zumbrunn NGSurvey存在安全漏洞,该漏洞源于授权不当,可能导致任意登录用户获取其他用户的私人信息。
CVSS Information
N/A
Vulnerability Type
N/A