Security Advisory

CVE-2020-23448

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-26 17:15:53

Last updated 2024-08-04 14:58:15

Assigner mitre

State PUBLISHED

Description

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the systems background /admin is in code AdminLoginInterceptor, which can be bypassed.

← Browse all CVEs View on cve.org ↗