Moderate severityNVD Advisory· Published Mar 16, 2023· Updated Feb 26, 2025
CVE-2023-27095
CVE-2023-27095
Description
Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker toescalate privileges via the AddUser method of the UserController function in Tenant Management module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cn.hippo4j:hippo4j-coreMaven | <= 1.4.3 | — |
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-xg89-vvwp-9c27ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-27095ghsaADVISORY
- github.com/opengoofy/hippo4j/issues/1061ghsaWEB
News mentions
0No linked articles in our index yet.