CVE-2019-12782

CVE-2019-12782

An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 (before 5.1.2) allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively deleting them.

Source: CVE-2019-12782

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다