Security Advisory

CVE-2022-29773

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-03 20:11:07

Last updated 2024-08-03 06:33:42

Assigner mitre

State PUBLISHED

Description

An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set.

← Browse all CVEs View on cve.org ↗