CVE-2022-38577

ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:processmaker:processmaker:*:*:*:*:*:*:*:*

Information

Published : 2022-09-19 09:15

Updated : 2022-11-15 10:49


NVD link : CVE-2022-38577

Mitre link : CVE-2022-38577


JSON object : View

CWE
CWE-281

Improper Preservation of Permissions

Advertisement

dedicated server usa

Products Affected

processmaker

  • processmaker