Bonita Web 2021.2 contains an authentication/authorization bypass vulnerability caused by an overly broad exclude pattern in RestAPIAuthorizationFilter, allowing unauthenticated users to access privileged API endpoints by appending ;i18ntranslation or /../i18ntranslation/ to the URL.
id: CVE-2022-25237
info:
  name: Bonita Web 2021.2 - Authentication/Authorization Bypass
  author:
...
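A log check for the two URL forms named in the description, as an added example that is not part of the original template or of Bonita's code. The log lines, client addresses and endpoint paths are constructed, and the combined-log layout and the `/API/` path prefix are assumptions about the deployment.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines; hosts, paths and statuses are illustrative only.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2022:10:00:01 +0000] "GET /bonita/API/example/resource HTTP/1.1" 401 0
10.0.0.9 - - [01/Mar/2022:10:00:07 +0000] "GET /bonita/API/example/resource;i18ntranslation HTTP/1.1" 200 512
10.0.0.9 - - [01/Mar/2022:10:00:09 +0000] "POST /bonita/API/example/upload/../i18ntranslation/ HTTP/1.1" 200 64
10.0.0.7 - - [01/Mar/2022:10:00:12 +0000] "GET /bonita/API/system/i18ntranslation?f=locale%3den HTTP/1.1" 200 2048
10.0.0.9 - - [01/Mar/2022:10:00:15 +0000] "GET /bonita/API/example/resource%3Bi18ntranslation HTTP/1.1" 403 0
"""

# The two URL forms named in the description above.
MARKERS = (";i18ntranslation", "/../i18ntranslation/")
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def bypass_marker(target):
    """Return the marker found in an API request path, or None."""
    # Drop the query string, then percent-decode once so an encoded ';' is seen.
    path = unquote(target.split("?", 1)[0]).lower()
    if "/api/" not in path:  # assumption: REST endpoints live under /API/
        return None
    return next((m for m in MARKERS if m in path), None)


def scan(log_text):
    """Return one finding per request whose path carries a bypass marker."""
    findings = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue
        client, method, target, status = match.groups()
        marker = bypass_marker(target)
        if marker:
            findings.append({"client": client, "method": method, "target": target,
                             "marker": marker, "served": status.startswith("2")})
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A finding with `served` set to true means the request was answered with a 2xx status rather than rejected, which is the case to triage first; a plain request to a path that merely ends in `i18ntranslation` is not flagged.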