We found results for “”
WS-2023-0192
Good to know:
Date: June 14, 2023
Privilege Escalation Vulnerability in Product Upgrade Module in GitHub repository fossbilling/fossbilling prior to 0.5.0. It allows an attacker to gain access to products that they are not supposed to have access to, leading to data leakage, financial losses, and other harmful consequences.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Improper Access Control
CWE-284Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |