newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/newbee-ltd/newbee-mall/issues/35 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-26T17:16:22
Updated: 2024-08-04T14:58:15.163Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23449
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-01-26T18:15:42.787
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-23449
Redhat
No data.