Unauthorized Invitation Vulnerability in Smart Things Prior to 1.7.93

Unauthorized Invitation Vulnerability in Smart Things Prior to 1.7.93

CVE-2023-21432 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.

Learn more about our Web Application Penetration Testing UK.