What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through < 8.6.13.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through < 8.6.13.
Explanation of Vulnerability in Simple Terms
MapSVG versions 8.6.13 and earlier contain an improper access control vulnerability. An authenticated user with low privileges can read, modify, or delete data and execute operations they should not have access to. The vulnerability affects confidentiality, integrity, and availability of the application. Update to a version newer than 8.6.13.
What an attacker can do
Read, modify, or delete data and execute unauthorized operations within the application.
Potential impact on your site
Authenticated users can access or modify data beyond their intended permissions, risking data breach or corruption.
Conditions required to exploit
Attacker must have a low-privilege authenticated account; no user interaction required.
Key dates
External resources