SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information.
References
Link | Resource |
---|---|
https://docs.google.com/document/d/1TbHYGW65o1HBZoDf0rUDQMHPJE6qfQAvqdFv1DYY4BU/edit?usp=sharing | Exploit Third Party Advisory |
https://github.com/AgentY0/CVE-2023-34965 | Third Party Advisory |
https://github.com/Anankke/SSPanel-Uim | Product |
Configurations
History
23 Jun 2023, 18:14
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/AgentY0/CVE-2023-34965 - Third Party Advisory | |
References | (MISC) https://github.com/Anankke/SSPanel-Uim - Product | |
References | (MISC) https://docs.google.com/document/d/1TbHYGW65o1HBZoDf0rUDQMHPJE6qfQAvqdFv1DYY4BU/edit?usp=sharing - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-863 | |
CPE | cpe:2.3:a:sspanel-uim_project:sspanel-uim:2023.3:*:*:*:*:*:*:* | |
First Time |
Sspanel-uim Project sspanel-uim
Sspanel-uim Project |
13 Jun 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-13 19:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-34965
Mitre link : CVE-2023-34965
CVE.ORG link : CVE-2023-34965
JSON object : View
Products Affected
sspanel-uim_project
- sspanel-uim
CWE
CWE-863
Incorrect Authorization