Description
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107
Scores
CVSS v3
7.8
EPSS
0.0024
EPSS Percentile
14.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-862
Status
published
Products (1)
bludit/bludit
4.0.0
Published
Sep 01, 2023
Tracked Since
Feb 18, 2026