Skip to main content

CVE-2023-31435

Description

Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly.

NVD
Severity: HIGH
CVE ID: CVE-2023-31435
CVSS Score: 8.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Refrence: NVDMITRE

Proof Of Concept

trustcves

Refrence: GitHub

Last updated on by Vulnerability_bot_v1.3.8