admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-2921.json

Browse Source
This commit is contained in:
Jamie Slome 2022-08-21 06:39:48 +01:00 committed by GitHub
parent f70474adeb
commit d959521e0c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2022/2xxx/CVE-2022-2921.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "This will lead to privilege escalation from AP officers account to the System Administrator account. and gain more functionality such as Create/Update Companies. Install/Update Languages. Install/Activate Extensions. Install/Activate Themes. Install/Activate Chart of Accounts. Software Upgrade."
"value": "Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions."
}
]
},
@ -86,4 +86,4 @@
"advisory": "51b32a1c-946b-4390-a212-b6c4b6e4115c",
"discovery": "EXTERNAL"
}
}
}