Medium severity4.3NVD Advisory· Published Jan 12, 2024· Updated Jun 17, 2026
CVE-2023-40362
CVE-2023-40362
Description
An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CentralSquare/Click2Gov Building Permitdescription
- Range: <October 2023
Patches
Vulnerability mechanics
References
1- www.classaction.org/news/centralsquare-hit-with-class-action-over-2017-2018-click2gov-data-breachnvdPress/Media CoverageVendor Advisory
News mentions
0No linked articles in our index yet.