AIKIDO-2024-10397

appsero/client is vulnerable to Improper Access Control

80

High

appsero/client php

AIKIDO-2024-10397: appsero/client is vulnerable to Improper Access Control in versions 1.0 - 2.0.0.

Vulnerable in 1.0 - 2.0.0
Fixed in 2.0.1
No CVE available

TL;DR

Affected versions of this package are vulnerable to improper access control, which allows lower-privileged users to execute plugin settings without permission.

Who does this affect?

You are affected if you are using a version within the vulnerable range (1.0 - 2.0.0).

How can it be fixed?

Upgrade the appsero/client library to the patched version (2.0.1).
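To confirm whether a project resolves to an affected release, the check below reads a Composer manifest and classifies every appsero/client entry against the range stated above. It is an added example, not code from Aikido or Appsero; it assumes the manifest is a `composer.lock` or a `vendor/composer/installed.json`, and the sample lock data is constructed.

```python
import json
import re

PACKAGE = "appsero/client"
AFFECTED_MIN = (1, 0, 0)  # advisory: vulnerable in 1.0 - 2.0.0
AFFECTED_MAX = (2, 0, 0)
FIXED_IN = "2.0.1"        # advisory: fixed in 2.0.1

# Constructed sample composer.lock content (not taken from a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "appsero/client", "version": "v1.2.1"},
        {"name": "example/other", "version": "3.4.0"},
    ],
    "packages-dev": [],
})

def parse_version(raw):
    """Return (major, minor, patch), or None for refs such as dev-master."""
    m = re.fullmatch(r"v?(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:\.\d+)?(?:[-+].*)?", raw.strip())
    return tuple(int(g or 0) for g in m.groups()) if m else None

def classify(raw):
    """Map a Composer version string to affected / not-affected / unknown."""
    v = parse_version(raw)
    if v is None:
        return "unknown"  # branch alias or commit ref: needs manual review
    return "affected" if AFFECTED_MIN <= v <= AFFECTED_MAX else "not-affected"

def audit(manifest_text):
    """Return [(section, version, status)] for each appsero/client entry."""
    data = json.loads(manifest_text)
    if isinstance(data, list):  # Composer 1 installed.json is a bare list
        sections = {"packages": data}
    else:                       # composer.lock and Composer 2 installed.json
        sections = {k: data.get(k) or [] for k in ("packages", "packages-dev")}
    findings = []
    for section, entries in sections.items():
        for entry in entries:
            if entry.get("name", "").lower() == PACKAGE:
                version = entry.get("version", "")
                findings.append((section, version, classify(version)))
    return findings

if __name__ == "__main__":
    for section, version, status in audit(SAMPLE_LOCK):
        print(f"{PACKAGE} {version} ({section}): {status}; fixed in {FIXED_IN}")
```

An `unknown` result means the installed reference is not a numeric release, so the installed code has to be compared against 2.0.1 by hand.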
