Impact
The Blog.Core GetInfoByToken API, as seen in commit bcb4d17, has an improper access control flaw that allows any user with a valid authentication token to retrieve sensitive administrator account information. Unauthorized parties can exploit this to expose secrets, posing a direct threat to confidentiality. The vulnerability arises because the endpoint fails to restrict access to privileged users, which aligns with improper access control (CWE‑284) and missing authorization (CWE‑863). Note that Blog.Admin, a related front‑end application, does not expose any API services and is not affected.
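To make the access-control defect concrete, the following ASP.NET Core controller pair is an added illustrative example; it is not Blog.Core's code and does not reproduce the project's real implementation. Everything in it is assumed: the `IUserRepository` interface, the `FindAdminAsync` helper, the route prefixes, and the claim and role names. The weak variant shows the CWE-284/CWE-863 pattern the advisory describes (authentication is the only gate, so any token holder receives the administrator record); the hardened variant binds the lookup to the caller's own validated identity and, where another account's data must be readable, adds a role check on top of authentication.

```csharp
// Added example, not Blog.Core code. Assumed: JWT bearer authentication is configured,
// IUserRepository is a hypothetical data-access abstraction, and the role claim for
// administrators is "Admin". Different route prefixes keep the two controllers from
// colliding if both were registered in one app; in practice only the hardened one would be.
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

public record UserInfo(int Id, string UserName, string Role, string Email);

public interface IUserRepository
{
    Task<UserInfo?> FindByIdAsync(int id);
    Task<UserInfo?> FindAdminAsync(); // hypothetical helper used only by the weak variant
}

// Weak variant: [Authorize] alone checks that *some* valid token is present, not
// that the caller is entitled to the administrator record it returns.
[ApiController]
[Route("api/weak/user")]
public class WeakUserController : ControllerBase
{
    private readonly IUserRepository _users;
    public WeakUserController(IUserRepository users) => _users = users;

    [HttpGet("GetInfoByToken")]
    [Authorize]
    public async Task<ActionResult<UserInfo>> GetInfoByToken()
    {
        // Any authenticated user, regardless of role, receives the admin account data.
        var admin = await _users.FindAdminAsync();
        return admin is null ? NotFound() : Ok(admin);
    }
}

// Hardened variant: the record returned is derived from the caller's own identity.
[ApiController]
[Route("api/user")]
public class HardenedUserController : ControllerBase
{
    private readonly IUserRepository _users;
    public HardenedUserController(IUserRepository users) => _users = users;

    [HttpGet("GetInfoByToken")]
    [Authorize]
    public async Task<ActionResult<UserInfo>> GetInfoByToken()
    {
        // Take the subject from the validated token claims, never from request input.
        var sub = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (!int.TryParse(sub, out var callerId))
            return Unauthorized();

        var me = await _users.FindByIdAsync(callerId);
        if (me is null)
            return NotFound();

        // Only the caller's own record is returned; an administrator's data is
        // reachable only when the caller is that administrator.
        return Ok(me);
    }

    // Where an endpoint legitimately returns another account's data, require a
    // role or policy in addition to authentication (missing-authorization fix).
    [HttpGet("GetInfoById/{id:int}")]
    [Authorize(Roles = "Admin")]
    public async Task<ActionResult<UserInfo>> GetInfoById(int id)
    {
        var user = await _users.FindByIdAsync(id);
        return user is null ? NotFound() : Ok(user);
    }
}
```

A quick regression check for an endpoint of this shape is to call it with a token issued to a non-administrator account and confirm the response contains only that caller's own record and that the role-gated route answers 403 rather than a user object.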
Affected Systems
The vulnerability affects the anjoy8 Blog.Core application, version 8.0 and earlier releases. Hosts running these versions are vulnerable if the GetInfoByToken endpoint is exposed to untrusted networks. No other vendor or product variants were identified in the available data.
Risk and Exploitability
The CVSS score of 4.3 classifies the flaw as medium severity, indicating that, while the impact is moderate, an attacker with a valid token could expose administrator credentials. The EPSS score of less than 1% suggests that exploitation in the wild is currently rare, and the flaw is not listed in the CISA KEV catalog. The likely attack vector is a request to the GetInfoByToken endpoint with a valid token. Based on the description, it is inferred that obtaining a valid token is a prerequisite for exploitation; once a token is available, exploitation is straightforward and requires no additional steps.
OpenCVE Enrichment