CVE-2022-2368

Access control bypass in packagist/microweber/microweber

Identifiers

GHSA-9wqr-9787-p4rf, CVE-2022-2368

Package Slug

packagist/microweber/microweber

Vulnerability

Access control bypass

Description

Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password.

Affected Versions

All versions before 1.2.21

Solution

Upgrade to version 1.2.21 or above.

Last Modified

2022-07-26

source