Vulnerability Description
Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Publify Project | Publify | < 9.2.8 |
Related Weaknesses (CWE)
References
- https://github.com/publify/publify/commit/1a78f16f460847274265a12a9555b3524892d7PatchThird Party Advisory
- https://huntr.dev/bounties/b398e4c9-6cdf-4973-ad86-da796cde221fExploitThird Party Advisory
- https://github.com/publify/publify/commit/1a78f16f460847274265a12a9555b3524892d7PatchThird Party Advisory
- https://huntr.dev/bounties/b398e4c9-6cdf-4973-ad86-da796cde221fExploitThird Party Advisory
FAQ
What is CVE-2022-1553?
CVE-2022-1553 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any pa...
How severe is CVE-2022-1553?
CVE-2022-1553 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-1553?
Check the references section above for vendor advisories and patch information. Affected products include: Publify Project Publify.