CVE-2019-13403

HIGH

Temenos CWX 8.9 - Broken Access Control in EmployeeEdit2.aspx

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13403. PoCs published by B3Bo1d.

AI-analyzed exploit summary The repository describes a Broken Access Control vulnerability in Temenos CWX 8.9, allowing unauthorized viewing of user information via /CWX/Employee/EmployeeEdit2.aspx. It includes screenshots demonstrating the issue but lacks exploit code or technical depth.

Description

Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.

Exploits (1)

nomisec WRITEUP

by B3Bo1d · poc

https://github.com/B3Bo1d/CVE-2019-13403

View Code ZIP pw:eip

The repository describes a Broken Access Control vulnerability in Temenos CWX 8.9, allowing unauthorized viewing of user information via /CWX/Employee/EmployeeEdit2.aspx. It includes screenshots demonstrating the issue but lacks exploit code or technical depth.

Classification

Writeup 80%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Temenos CWX version 8.9

No auth needed

Prerequisites: Access to the vulnerable endpoint /CWX/Employee/EmployeeEdit2.aspx

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/B3Bo1d/CVE-2019-13403/

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0061

EPSS Percentile 70.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (1)

temenos/cwx 8.9

Published Jul 17, 2019

Tracked Since Feb 18, 2026