Unauthorized Access to Non-Disclosure Attribute in Special Interest Group Network for Analysis and Liaison

Unauthorized Access to Non-Disclosure Attribute in Special Interest Group Network for Analysis and Liaison

CVE-2023-38752 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Improper authorization vulnerability in Special Interest Group Network for Analysis and Liaison versions 4.4.0 to 4.7.7 allows the authorized API users to view the attribute information of the poster that is set as"non-disclosure" in the system settings.

Learn more about our Api Penetration Testing.