Improper Access Control in NodeBB 3.6.7 by NodeBB
CVE-2024-29316
6.3MEDIUM
What is CVE-2024-29316?
NodeBB version 3.6.7 exhibits a vulnerability due to improper access control measures. This flaw allows low-privileged attackers to access restricted administrative tabs by exploiting the 'isadmin' property, enabling unauthorized actions within the platform. Such vulnerabilities can lead to significant risks, including unauthorized data exposure and manipulation.
