CVE-2023-46906
Summary
The package juzaweb/cms is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the "timezone" field was not correctly validated.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- HIGH
- NONE
- HIGH
References
Advisory Timeline
- Published