Unrated severityNVD Advisory· Published Mar 7, 2022· Updated Aug 3, 2024
CVE-2022-23383
CVE-2022-23383
Description
YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user's personal home page can be realized. It is necessary to judge the user's login status before accessing the personal home page, but the vulnerability can access other users' home pages through the non login status because real authentication is not carried out.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- yzmcms.commitrex_refsource_MISC
- down.chinaz.com/soft/37810.htmmitrex_refsource_MISC
- www.cnvd.org.cn/user/myreport/6499961mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.