CVE-2023-38988

CVE-2023-38988 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

An issue in the delete function in the OaNotifyController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete notifications created by Administrators.

Learn more about our Web Application Penetration Testing UK.