CVE-2024-31525 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular registered user is able to elevate his privileges to admin and gain comp…
High CVSS: 7.2

CVE-2024-31525

Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular registered user is able to elevate his privileges to admin and gain complete access to the system as the authorization mechanism is not validated on the server side and only on the client side. This can result, for example, in creating a new admin user in the system which enables persistent access for the attacker as an administrator.
Vendor
-
Product
-
CWE
CWE-306
Yayın Tarihi
2025-03-05 19:15:37
Güncelleme
2025-03-06 15:15:15
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-306 HIGH 2025

Referanslar

https://cwe.mitre.org/data/definitions/285.html https://github.com/Peppermint-Lab/peppermint/issues/258 https://github.com/Peppermint-Lab/peppermint/issues/258