What the vulnerability does
01Description
Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through <= 1.0.5.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through <= 1.0.5.
Explanation of Vulnerability in Simple Terms
Hype versions up to 1.0.5 lack proper authorization checks, allowing unauthenticated attackers to read sensitive information over the network. The vulnerability requires no user interaction and affects confidentiality but not integrity or availability. Update to a version newer than 1.0.5 to remediate.
What an attacker can do
Read sensitive information without authentication.
Potential impact on your site
Sensitive data may be exposed to unauthenticated remote attackers.
Conditions required to exploit
Network access; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities