Improper Authorization

CVE-2023-21432

Medium

4.2/10

Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.