What the vulnerability does
01Description
Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through <= 1.0.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through <= 1.0.0.
Explanation of Vulnerability in Simple Terms
Post Cloner versions 1.0.0 and earlier lack proper authorization checks, allowing unauthenticated attackers to modify content on the site. An attacker can send a network request to alter posts or pages without needing valid credentials. The vulnerability requires no user interaction and affects the integrity of site content.
What an attacker can do
Modify or alter posts and pages on the site without authentication.
Potential impact on your site
Attackers can change post content, titles, or metadata without logging in, potentially defacing or corrupting your site's content.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities