Vulnerability Details CVE-2020-23449
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2020-23449
-
cpe:2.3:a:newbee-mall_project:newbee-mall:1.0
-
cpe:2.3:a:newbee-mall_project:newbee-mall:2019-10-23
-
cpe:2.3:a:newbee-mall_project:newbee-mall:2022-10-27