What the vulnerability does
01Description
Contributor Privilege Escalation in LatePoint <= 5.5.1 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Contributor Privilege Escalation in LatePoint <= 5.5.1 versions.
Explanation of Vulnerability in Simple Terms
LatePoint versions up to 5.5.1 contain a privilege escalation vulnerability. An authenticated user with low privileges can read sensitive data, modify site content, or disrupt service availability. The attack requires network access and specific conditions but does not require user interaction. Update to version 5.6.3 or later to remediate.
What an attacker can do
Read sensitive data, modify content, or disrupt service availability with a low-privilege account.
Potential impact on your site
Authenticated users can escalate privileges to access or modify restricted data and functionality.
Conditions required to exploit
Attacker must have a low-privilege account; network access required; specific attack conditions must be met.
Key dates
External resources
Related vulnerabilities