admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/2xxx/CVE-2022-2080.json
erwanlr a1af868fae Adds CVEs
2022-08-29 16:35:53 +02:00

80 lines
2.1 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"ID": "CVE-2022-2080",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Sensei LMS Online Courses, Quizzes, & Learning",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.5.2",
"version_value": "4.5.2"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/5395d196-a39a-4a58-913e-5b5b9d6123a5",
"name": "https://wpscan.com/vulnerability/5395d196-a39a-4a58-913e-5b5b9d6123a5"
},
{
"refsource": "MISC",
"url": "https://hackerone.com/reports/1592596",
"name": "https://hackerone.com/reports/1592596"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Veshraj Ghimire"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink