Security Advisory

CVE-2023-1699

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-30 09:26:13
Last updated 2025-02-11 20:12:14
Assigner rapid7
State PUBLISHED

Description

Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. It allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. The vulnerability is fixed in version 6.6.187.