What the vulnerability does
01Description
Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue affects MeetingHub: from n/a through <= 1.23.9.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
What the vulnerability does
Insertion of Sensitive Information Into Sent Data vulnerability in Sovlix MeetingHub meetinghub allows Retrieve Embedded Sensitive Data.This issue affects MeetingHub: from n/a through <= 1.23.9.
Explanation of Vulnerability in Simple Terms
MeetingHub versions up to 1.23.9 expose sensitive information to authenticated users without proper access controls. A logged-in user with low privileges can read data they should not have access to. The vulnerability requires valid credentials but no additional user interaction. Update to version 1.25.10 or later to resolve this issue.
What an attacker can do
Read sensitive data belonging to other users or the system without authorization.
Potential impact on your site
Confidential information may be exposed to any authenticated user, including customer data or internal records.
Conditions required to exploit
Attacker must have a valid low-privilege user account on the MeetingHub instance.
Key dates
External resources
Related vulnerabilities