Home

Description

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.

PUBLISHED Reserved 2024-09-11 | Published 2024-11-27 | Updated 2024-12-02 | Assigner mitre

References

github.com/davidguva/OpenVidReview

github.com/...dguva/OpenVidReview/blob/main/routes/upload.js

github.com/b1d0ws/CVEs/blob/main/CVE-2024-46054.md

cve.org (CVE-2024-46054)

nvd.nist.gov (CVE-2024-46054)

Download JSON