Insecure Permissions Vulnerability in OpenGoofy Hippo4j v.1.4.3: Unauthorized Access to Sensitive Information

Insecure Permissions Vulnerability in OpenGoofy Hippo4j v.1.4.3: Unauthorized Access to Sensitive Information

CVE-2023-27096 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to obtain sensitive information via the ConfigVerifyController function of the Tenant Management module.

Learn more about our Web Application Penetration Testing UK.