In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mend
Published: 2021-11-02T06:55:09
Updated: 2024-08-03T20:19:19.019Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25973
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-02T07:15:07.053
Modified: 2024-11-21T05:55:42.540
Link: CVE-2021-25973
Redhat
No data.