Vulnerabilities > Missing Authorization

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-27	CVE-2024-3115	Missing Authorization vulnerability in Gitlab An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat. network low complexity gitlab CWE-862	4.3
2024-06-25	CVE-2024-6303	Missing Authorization vulnerability in Conduit Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the #admins alias to a room which they control, allowing them to run commands resetting passwords, siging json with the server's key, deactivating users, and more network low complexity conduit CWE-862	8.8
2024-06-19	CVE-2022-45832	Missing Authorization vulnerability in Hennessey Attorney Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through 3. network low complexity hennessey CWE-862 critical	9.8
2024-06-19	CVE-2023-41805	Missing Authorization vulnerability in Brainstormforce Starter Templates Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through 3.2.5. network low complexity brainstormforce CWE-862	6.5
2024-06-19	CVE-2023-46146	Missing Authorization vulnerability in Themify Ultra Missing Authorization vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5. network low complexity themify CWE-862	8.8
2024-06-18	CVE-2024-38504	Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles network low complexity jetbrains CWE-862	5.3
2024-06-18	CVE-2024-38506	Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows network low complexity jetbrains CWE-862	8.1
2024-06-15	CVE-2023-6696	Missing Authorization vulnerability in Sygnoos Popup Builder The Popup Builder – Create highly converting, mobile friendly marketing popups. network low complexity sygnoos CWE-862	8.1
2024-06-15	CVE-2024-2544	Missing Authorization vulnerability in Sygnoos Popup Builder The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions. network low complexity sygnoos CWE-862	6.4
2024-06-14	CVE-2024-37317	Missing Authorization vulnerability in Nextcloud Notes The Nextcloud Notes app is a distraction free notes taking app for Nextcloud. network low complexity nextcloud CWE-862	4.6

Vulnerabilities > Missing Authorization {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Missing Authorization"}]}

Vulnerabilities > Missing Authorization