Missing Authorization vulnerability in PageLayer
CVE-2024-30465
8.8HIGH
Summary
A missing authorization vulnerability exists in the PageLayer product developed by the Pagelayer Team. This flaw can allow unauthorized users to access restricted functionalities, potentially leading to sensitive information exposure or unauthorized operations within the PageLayer environment. Particularly, the vulnerability impacts PageLayer versions from n/a up to 1.8.1, posing critical risks for users relying on this plugin. It is essential for users to evaluate their systems for this vulnerability and implement necessary updates or mitigation strategies.
Affected Version(s)
PageLayer <= 1.8.1
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)