Missing Authorization Vulnerability in Brainstorm Force Spectra Allows Exploiting Incorrectly Configured Access Control Security Levels
CVE-2023-23834
4.3MEDIUM
What is CVE-2023-23834?
A missing authorization vulnerability exists in the Brainstorm Force Spectra plugin, whereby incorrect access control configurations may lead to unauthorized access. This issue can be exploited by attackers to manipulate application behavior and gain access to sensitive information or functions that should be restricted. Users running affected versions of the Spectra plugin are at risk due to these security level misconfigurations, making it critical for website owners to evaluate and secure their installations promptly.
Affected Version(s)
Spectra 0 <= 2.3.0