What the vulnerability does
01Description
Missing Authorization vulnerability in SeventhQueen Kleo kleo.This issue affects Kleo: from n/a through < 5.4.4.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in SeventhQueen Kleo kleo.This issue affects Kleo: from n/a through < 5.4.4.
Explanation of Vulnerability in Simple Terms
Kleo versions up to 5.4.4 lack proper authorization checks, allowing unauthenticated attackers to read sensitive information. The vulnerability requires no user interaction and is accessible over the network. An attacker can access data they should not be able to view without authentication or special privileges.
What an attacker can do
Read sensitive information without authentication.
Potential impact on your site
Unauthorized users can access confidential data exposed by the missing authorization check.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities