Vulnerabilities

CVE-2024-55073

by Fred · 27/03/2025

A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household.

More information : https://github.com/mealie-recipes/mealie/issues/4593

Similar

Tags: Cybersecurity Alert