What the vulnerability does
01Description
Missing Authorization vulnerability in Shahjada Live Forms liveforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Forms: from n/a through <= 4.8.4.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in Shahjada Live Forms liveforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Forms: from n/a through <= 4.8.4.
Explanation of Vulnerability in Simple Terms
Live Forms versions 4.8.4 and earlier lack proper authorization checks, allowing authenticated users to modify or delete form data they should not have access to. An attacker with a low-privilege account can alter the integrity of forms or disrupt their availability. No confidential data is exposed by this vulnerability.
What an attacker can do
Modify or delete form data belonging to other users or forms.
Potential impact on your site
Form data integrity compromised; users may lose submissions or see unauthorized changes to their forms.
Conditions required to exploit
Attacker must have a valid user account with low-level privileges on the site.
Key dates
External resources