Authorization Bypass Through User-Controlled Key Vulnerability Affects Salon Booking System
CVE-2024-47316
8.8HIGH
Summary
An authorization bypass vulnerability exists in the Salon Booking System, allowing users to manipulate access controls. This vulnerability can lead to unauthorized access to sensitive functions or data within the application. Versions affected include all from n/a up to 10.9, highlighting significant risks for users. Mitigating this issue is crucial to preserving data integrity and ensuring secure user interactions.
Affected Version(s)
Salon booking system <= 10.9
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Sharanabasappa (Patchstack Alliance)