CVE-2023-32669

Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the album identification (id).
Configurations

Configuration 1 (hide)

cpe:2.3:a:buddyboss:buddyboss:2.2.9:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 08:03

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-03 13:15

Updated : 2024-11-21 08:03


NVD link : CVE-2023-32669

Mitre link : CVE-2023-32669

CVE.ORG link : CVE-2023-32669


JSON object : View

Products Affected

buddyboss

  • buddyboss
CWE
CWE-639

Authorization Bypass Through User-Controlled Key