VYPR
Medium severity4.3NVD Advisory· Published Dec 28, 2023· Updated Jun 17, 2026

CVE-2023-50267

CVE-2023-50267

Description

MeterSphere is a one-stop open source continuous testing platform. Prior to 2.10.10-lts, the authenticated attackers can update resources which don't belong to him if the resource ID is known. This issue if fixed in 2.10.10-lts. There are no known workarounds.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MeterSphere/MeterSpherellm-fuzzy2 versions
    <2.10.10-lts+ 1 more
    • (no CPE)range: <2.10.10-lts
    • (no CPE)range: < 2.10.10-lts

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.