Vulnerabilities > CVE-2022-1553 - Incorrect Authorization vulnerability in Publify Project Publify

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
publify-project
CWE-863

Summary

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users.

Vulnerable Configurations

Part Description Count
Application
Publify_Project
86

Common Weakness Enumeration (CWE)