Unrated severityNVD Advisory· Published Apr 25, 2019· Updated Aug 4, 2024
CVE-2019-11488
CVE-2019-11488
Description
Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser history.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <2019-04-23
Patches
Vulnerability mechanics
References
2- blog.cybrgrade.com/CVE-2019-11488-SimplyBook.me-hash-replay-attack/mitrex_refsource_MISC
- cybrgrade.com/files/Report_SimplyBookIt_MD5_Hash_Replay_by_CybrGradeUKLtd.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.