Description

When access to the "admin" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.

Remediation

References

CVE-2023-6554

Related Vulnerabilities

WordPress Plugin SI CAPTCHA Anti-Spam Serving Spam (3.0.2)

WordPress Plugin Simplified Content Cross-Site Scripting (1.0.0)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43731)

Oracle Database Server CVE-2012-1746 Vulnerability (CVE-2012-1746)

WordPress Plugin Responsive Poll Multiple Vulnerabilities (1.7.4)

Severity

Medium

Classification

CVE-2023-6554 CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities