What the vulnerability does
01Description
Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Broken Authentication in RegistrationMagic <= 6.0.8.6 versions.
Explanation of Vulnerability in Simple Terms
RegistrationMagic versions up to 6.0.8.6 contain an authentication bypass vulnerability. An attacker can gain unauthorized access to the application without valid credentials. The vulnerability requires no user interaction and can be exploited remotely over the network. This affects confidentiality, integrity, and availability of the affected system.
What an attacker can do
Gain unauthorized access to RegistrationMagic without valid credentials and read, modify, or delete data.
Potential impact on your site
Attackers can access user data, modify registrations, or disrupt service without needing a valid account.
Conditions required to exploit
Network access to the affected RegistrationMagic installation. No authentication or user interaction required.
Key dates
External resources
Related vulnerabilities