Incorrect Access Control Vulnerability in WTCMS by Taosir
CVE-2024-48237

Currently unrated

Key Information:

Vendor: Taosir
Status: WTCMS
Vendor: CVE Published:; 25 October 2024

What is CVE-2024-48237?

WTCMS version 1.0 contains a vulnerability that allows unauthorized users to gain access to restricted functionalities due to improper access controls in the HomebaseController. This flaw could be exploited to expose sensitive information or perform actions without necessary permissions, posing significant security risks for applications utilizing this CMS.

References

https://github.com/taosir/wtcms/issues/15

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 25, 2024
Vulnerability Reserved
Oct 8, 2024

JSON