Missing Authorization Flaw in Quill Forms by quillforms.com
CVE-2023-46610
6.5MEDIUM
Summary
A missing authorization vulnerability exists in Quill Forms, allowing attackers to exploit incorrectly configured access control security levels. This flaw can lead to unauthorized access and manipulation of form data. Proper security measures should be implemented to safeguard against this issue, particularly in versions from n/a through 3.3.0.
Affected Version(s)
Quill Forms <= 3.3.0
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Abdi Pranata (Patchstack Alliance)