Medium severity5.9NVD Advisory· Published Nov 14, 2023· Updated Jun 17, 2026
CVE-2023-43901
CVE-2023-43901
Description
Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows unauthenticated attackers to arbitrarily modify usernames and privileges by using the email address of a registered user.
Affected products
3- EMSigner/EMSignerdescription
- Range: =2.8.7
Patches
Vulnerability mechanics
References
1- secpro.llc/EMSigner-CVE-1/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.