Description
Improper Access Control in GitHub repository publify/publify prior to 9.2.8.
References (2)
Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f
Patch, Third Party Advisory x_refsource_misc
https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739
Scores
CVSS v3
6.5
EPSS
0.0021
EPSS Percentile
43.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-284
CWE-863
Status
published
Products (2)
publify_project/publify
< 9.2.8
rubygems/publify_core
0 - 9.2.8RubyGems
Published
May 16, 2022
Tracked Since
Feb 18, 2026