Bypassing Access Restrictions via E-mail Address Field in BlogoText

CVE-2017-17794 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

validate_form_preferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to bypass intended access restrictions via vectors related to an e-mail address field.

Learn more about our Web Application Penetration Testing UK.