CVE-2023-46906

Description

juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-46906
Base Score: 4.9
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.2

Refrence: NVD

Description​

Description