Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37: Unauthorized Access to Sensitive User Information

Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37: Unauthorized Access to Sensitive User Information

CVE-2019-19550 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL.

Learn more about our Web App Pen Testing.