Vulnerabilities > Rapid7 > Nexpose > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-03-30 CVE-2023-1699 Forced Browsing vulnerability in Rapid7 Nexpose
Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability.  This vulnerability allows an attacker to manipulate URLs to forcefully browse to and access administrative pages.
network
low complexity
rapid7 CWE-425
critical
9.8