CVE-2024-35050
8.8HIGHAn issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
Veröffentlicht: 5/14/2024Aktualisiert: 4/23/2025
Beschreibung
An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
KI-AnalyseKI-gestützt
Betroffene Produkte
surveykingsurveyking
1.3.1
Referenzen
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory