Vulnerability Details CVE-2018-19109
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
Products affected by CVE-2018-19109
-
cpe:2.3:a:tianti_project:tianti:2.3