What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
Explanation of Vulnerability in Simple Terms
Togo versions 1.0.4 and earlier contain an improper privilege escalation vulnerability. An authenticated user with low privileges can read, modify, or delete sensitive data and disrupt service availability. The vulnerability requires network access and valid credentials but no additional user interaction. Organizations using Togo should update immediately to a patched version.
What an attacker can do
Read, modify, or delete sensitive data; disrupt service availability.
Potential impact on your site
Authenticated users can access and modify data beyond their permission level, risking data breach and service disruption.
Conditions required to exploit
Valid low-privilege user account; network access to the application.
Key dates
External resources