CVE-2023-7226

MEDIUM

meetyoucrop big-whale 1.1 - Improper Ownership Management

Title source: llm

Description

A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250232.

Exploits (1)

gitee 596 stars
by progr1mmer · javawriteup
https://gitee.com/meetyoucrop/big-whale/issues/I6N31K

References (3)

Scores

CVSS v3 6.3
EPSS 0.0014
EPSS Percentile 34.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-282
Status published
Products (1)
meiyou/big_whale 1.1
Published Jan 11, 2024
Tracked Since Feb 18, 2026