Vulnerabilities > CVE-2021-36546 - Insecure Storage of Sensitive Information vulnerability in Kitesky Kitecms 1.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
kitesky
CWE-922
NVD
Published: 2023-02-03
Updated: 2023-02-10

Summary

Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL.

Vulnerable Configurations

Part Description Count
Application
Kitesky
1

Common Weakness Enumeration (CWE)

References