Unrestricted Access to Admin Issues in Bytebase Application

Unrestricted Access to Admin Issues in Bytebase Application

CVE-2022-32169 · Severity

The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”.

Learn more about our User Device Pen Test.