CVE-2024-35050
8.8HIGHAn issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
Опубликовано: 5/14/2024Обновлено: 4/23/2025
Описание
An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID of a user that was deleted by an Admin.
ИИ-АнализНа базе ИИ
Затронутые продукты
surveykingsurveyking
1.3.1
Ссылки
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory
- https://github.com/javahuang/SurveyKing/issues/57ExploitIssue TrackingThird Party Advisory