What the vulnerability does
01Description
Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through <= 1.0.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through <= 1.0.2.
Explanation of Vulnerability in Simple Terms
Templazee versions up to 1.0.2 lack proper authorization checks, allowing authenticated users to read and modify data they should not have access to. An attacker with a low-privilege account can view or alter sensitive information belonging to other users or system resources. The vulnerability requires valid login credentials but no additional user interaction.
What an attacker can do
Read and modify data belonging to other users or restricted resources.
Potential impact on your site
User data and system integrity compromised; unauthorized access to sensitive information across accounts.
Conditions required to exploit
Valid login account with low-level privileges; network access to the application.
Key dates
External resources