admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-48783.md

18 lines
847 B
Markdown
Raw Normal View History

Update CVE sources 2024-05-28 08:49
2024-05-28 08:49:17 +00:00
### [CVE-2023-48783](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48783)
![](https://img.shields.io/static/v1?label=Product&message=FortiPortal&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.2.0%3C%3D%207.2.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20access%20control&color=brighgreen)
### Description
An Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal version 7.2.1 and below, version 7.0.6 and below, version 6.0.14 and below, version 5.3.8 and below may allow a remote authenticated user with at least read-only permissions to access to other organization endpoints via crafted GET requests.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/vulsio/go-cve-dictionary
Reference in New Issue Copy Permalink