Vulnerabilities

CVE-2020-23448

by Fred · 26/01/2021

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system’s background /admin is in code AdminLoginInterceptor, which can be bypassed.

Date published : 2021-01-26

https://github.com/newbee-ltd/newbee-mall/issues/34

Similar

Tags: Cybersecurity Alert