Security Advisory

CVE-2019-12782

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-09 15:20:44

Last updated 2024-08-04 23:32:55

Assigner mitre

State PUBLISHED

Description

An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 (before 5.1.2) allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively deleting them.

← Browse all CVEs View on cve.org ↗