How severe is CVE-2024-28735?

CVE-2024-28735 has a CVSS v3 score of 8.1 (HIGH).

CVE-2024-28735

Name: financials_by_coda
Author: unit4

8.1HIGH

Unit4 Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability which allows an authenticated user to modify the password of any user of th

Publicado: 3/20/2024Atualizado: 6/17/2025

Descrição

Unit4 Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability which allows an authenticated user to modify the password of any user of the application via a crafted request.

Análise IADesenvolvido por IA

Produtos Afetados

unit4financials_by_coda

Referências

http://financials.com
Broken Link
http://unit4.com
Product
https://packetstormsecurity.com/files/177620/Financials-By-Coda-Authorization-Bypass.html
ExploitThird Party Advisory
https://www.unit4.com/
Product
https://www.unit4.com/products/financial-management-software
Product
http://financials.com
Broken Link
http://unit4.com
Product
https://packetstormsecurity.com/files/177620/Financials-By-Coda-Authorization-Bypass.html
ExploitThird Party Advisory
https://www.unit4.com/
Product
https://www.unit4.com/products/financial-management-software
Product