Improper Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows unauthorized administrative access

Improper Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows unauthorized administrative access

CVE-2019-14765 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers.

Learn more about our Crm Penetration Testing.