What the vulnerability does
01Description
Unauthenticated Sensitive Data Exposure in GetGenie <= 4.4.1 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Unauthenticated Sensitive Data Exposure in GetGenie <= 4.4.1 versions.
Explanation of Vulnerability in Simple Terms
GetGenie versions up to 4.4.1 contain a vulnerability that allows an attacker to modify data or disrupt service availability without authentication. The vulnerability stems from insufficient input validation. Site administrators should update to version 4.4.3 or later to remediate the issue.
What an attacker can do
Modify site data or cause temporary service disruption without needing to log in.
Potential impact on your site
Attackers can alter content or cause downtime on your site without credentials.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities