Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Analysis (AI)
Improper authorization in JPress versions 1.0.0 through 1.0.3 allows any authenticated low-privilege user to manipulate the id and userId parameters at the /ucenter/article/doWriteSave UCenter endpoint, potentially reading or overwriting article data belonging to other users. Publicly available exploit code exists (disclosed via GitHub issue #194), though EPSS sits at 0.03% (10th percentile) and SSVC classifies current exploitation status as 'none,' indicating limited real-world uptake despite the public disclosure. …
Vulnerability Assessment (AI)

| Area | Assessment |
|---|---|
| Exploitation | Exploitation requires a valid authenticated JPress session with at least low-privilege access, as confirmed by PR:L in the CVSS 4.0 vector; unauthenticated remote exploitation is not possible. … |
| Risk Assessment | The CVSS 4.0 score of 2.1 (Low) reflects constrained impact: confidentiality, integrity, and availability are all rated Low, with no subsequent-system impact (SC:N/SI:N/SA:N). … |
| Exploit Scenario | An attacker registers or compromises a low-privilege JPress user account, then crafts a POST request to `/ucenter/article/doWriteSave` substituting a victim's article `id` or `userId` in place of their own. Because the endpoint applies no per-resource ownership check beyond session authentication, the server accepts the request and processes the unauthorized read or write against the targeted user's article content. … |
| Remediation | No vendor-released patch has been identified at the time of analysis; the JPress project was notified through responsible disclosure but has not responded. … |
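The missing per-resource ownership check described in the exploit scenario, as an added example that is not JPress's own code: a hypothetical article-save handler modelled on the endpoint, in the vulnerable form that trusts client-supplied `id`/`userId` beside a hardened form that binds the write to the session user. The in-memory store, user ids and function names are constructed for the illustration.

```python
# Added illustration (hypothetical handler, not JPress's code): an article-save
# endpoint modelled on /ucenter/article/doWriteSave, first with the missing
# ownership check and then with the check added.
from dataclasses import dataclass


@dataclass
class Article:
    id: int
    user_id: int
    content: str


class Forbidden(Exception):
    """Request refused: no session, or session user does not own the article."""


def sample_store():
    """Constructed sample data: article 1 owned by user 10, article 2 by user 20."""
    return {1: Article(1, 10, "owned by user 10"),
            2: Article(2, 20, "owned by user 20")}


def save_vulnerable(store, session_user_id, form):
    """Checks only that a session exists, then trusts the client-supplied
    `id` and `userId` (the improper-authorization pattern described above)."""
    if session_user_id is None:
        raise Forbidden("login required")
    art = store[int(form["id"])]
    art.user_id = int(form["userId"])   # client chooses the owner
    art.content = form["content"]       # and which article gets overwritten
    return art


def save_hardened(store, session_user_id, form):
    """Binds the write to the session: the stored owner must equal the session
    user, and the client-supplied `userId` is never read."""
    if session_user_id is None:
        raise Forbidden("login required")
    art = store.get(int(form["id"]))
    if art is None or art.user_id != session_user_id:
        # One response for "missing" and "not yours" avoids confirming ids.
        raise Forbidden("article not found or not owned by session user")
    art.content = form["content"]
    return art


def denied(handler, store, session_user_id, form):
    """True if the handler refuses the request; used to compare both handlers."""
    try:
        handler(store, session_user_id, form)
        return False
    except Forbidden:
        return True
```

A detection-side corollary of the hardened form: every `Forbidden` raised on a valid session is a cross-user write attempt worth logging with the session user and the targeted `id`.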
References
- External PoC / exploit code
- EUVD-2026-31590
- GHSA-v6rp-6x79-xm3w