CVE-2024-10469
Oct. 29, 2024, 2:34 p.m.
Tags
Product(s) Impacted
VINCE
- before 3.0.9
Description
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
Weaknesses
CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
CWE ID: 276Date
Published: Oct. 28, 2024, 4:15 p.m.
Last Modified: Oct. 29, 2024, 2:34 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cret@cert.org
References
cret@cert.org