LoveCards LoveCardsV2 Setting other access control

A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

访问控制不恰当

LoveCards 安全漏洞

LoveCards是LoveCards开源的一个表白墙程序。 LoveCards 2.3.2及之前版本存在安全漏洞，该漏洞源于访问控制不当，可能导致远程攻击。

N/A

N/A