High severity8.8NVD Advisory· Published Sep 19, 2022· Updated Jun 17, 2026
CVE-2022-38577
CVE-2022-38577
Description
ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.5.4
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/168427/ProcessMaker-Privilege-Escalation.htmlnvdExploitThird Party AdvisoryVDB Entry
- drive.google.com/file/d/1iP9NYUkYEy_FGMpcnTkUWn8nGcqDT02_/viewnvdExploitThird Party Advisory
- processmaker.comnvdProduct
News mentions
0No linked articles in our index yet.