NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-40531

Summary	A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions.
Publication Date	Aug. 6, 2024, 1:15 a.m.
Registration Date	Aug. 6, 2024, 5 a.m.
Last Update	Oct. 25, 2024, 5:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://critical.lt/blog/authorization-bypass-and-mass-assignment-in-pantera-crm/

Common Vulnerabilities List