What the vulnerability does
01Description
Missing Authorization vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through <= 6.5.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
What the vulnerability does
Missing Authorization vulnerability in fs-code FS Poster fs-poster.This issue affects FS Poster: from n/a through <= 6.5.8.
Explanation of Vulnerability in Simple Terms
FS Poster versions 6.5.8 and earlier lack proper authorization checks, allowing authenticated users with low privileges to modify or delete content and access sensitive information. An attacker with a basic user account can perform actions restricted to administrators without additional interaction. This affects the integrity and availability of site content.
What an attacker can do
Modify, delete, or access site content and settings that should be restricted to administrators.
Potential impact on your site
Unauthorized users can alter or remove posts, pages, and settings; confidential data may be exposed.
Conditions required to exploit
Attacker must have a low-privilege user account on the site; no additional user interaction required.
Key dates
External resources