Unrestricted Access to /link/ Interface in SSPanel-Uim 2023.3 Leads to User Information Leak

Unrestricted Access to /link/ Interface in SSPanel-Uim 2023.3 Leads to User Information Leak

CVE-2023-34965 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information.

Learn more about our User Device Pen Test.