Unrestricted Web-Page Access in ModernFlow before 1.3.00.208

Unrestricted Web-Page Access in ModernFlow before 1.3.00.208

CVE-2021-3339 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen.

Learn more about our Web App Pen Testing.