What the vulnerability does
01Description
Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through <= 3.5.4.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in Phil Age Gate age-gate allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Age Gate: from n/a through <= 3.5.4.
Explanation of Vulnerability in Simple Terms
Phil Age Gate versions 3.5.4 and earlier lack proper authorization checks, allowing unauthenticated attackers to read sensitive information. The vulnerability requires only network access and no user interaction. An attacker can access restricted data without logging in or performing additional steps.
What an attacker can do
Read sensitive information without authentication.
Potential impact on your site
Unauthorized users can access restricted data exposed by the Age Gate component.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources