What the vulnerability does
01Description
Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through <= 3.0.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in fatcatapps Quiz Cat quiz-cat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz Cat: from n/a through <= 3.0.8.
Explanation of Vulnerability in Simple Terms
Quiz Cat versions 3.0.8 and earlier contain an authorization flaw that allows high-privilege users to access sensitive information they should not be able to view. The vulnerability requires administrator-level access to exploit and has limited impact on confidentiality. Site owners should update to a version newer than 3.0.8 when available.
What an attacker can do
Read sensitive information restricted to other user roles or administrative functions.
Potential impact on your site
Administrators with malicious intent can view data they shouldn't access; risk is limited to information disclosure.
Conditions required to exploit
Attacker must have administrator or high-privilege account access to the site.
Key dates
External resources
Related vulnerabilities