First published: Wed Feb 01 2023(Updated: )
A vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta allows attackers to bypass authentication via a crafted web request.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Masacms Masacms | <7.2.5 | |
Masacms Masacms | >=7.3<7.3.10 | |
Masacms Masacms | =7.4.0-alpha1 | |
Masacms Masacms | =7.4.0-alpha2 | |
Masacms Masacms | =7.4.0-beta1 | |
Masacms Masacms | =7.4.0-beta2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-47002 is a vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta that allows attackers to bypass authentication via a crafted web request.
CVE-2022-47002 has a severity rating of 9.8 (critical).
An attacker can exploit CVE-2022-47002 by sending a crafted web request to bypass authentication in the Remember Me function of Masa CMS.
Versions 7.2, 7.3, and 7.4-beta of Masa CMS are affected by CVE-2022-47002.
To fix CVE-2022-47002, it is recommended to update Masa CMS to version 7.3.10 or higher.