Description
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions.
Remediation
References
Related Vulnerabilities
phpMyAdmin Improper Input Validation Vulnerability (CVE-2013-5029)
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
WordPress Plugin 10Web AI Assistant-AI content writing assistant Security Bypass (1.0.18)
WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.3.2)
WordPress Plugin Post Views Count (Support caching plugins!) Cross-Site Scripting (3.0.2)