What the vulnerability does
01Description
Missing Authorization vulnerability in App Cheap App Builder app-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Builder: from n/a through <= 5.5.6.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Missing Authorization vulnerability in App Cheap App Builder app-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Builder: from n/a through <= 5.5.6.
Explanation of Vulnerability in Simple Terms
App Builder versions 5.5.6 and earlier lack proper authorization checks, allowing unauthenticated attackers to read sensitive information. The vulnerability requires only network access and no user interaction. An attacker can view data they should not have access to, but cannot modify or delete it.
What an attacker can do
Read sensitive data without authentication or permission.
Potential impact on your site
Confidential information may be exposed to unauthorized users without your knowledge.
Conditions required to exploit
Network access to the App Builder instance; no authentication required.
Key dates
External resources
Related vulnerabilities