Severity by source
CVSS Vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis (AI)
Improper authorization in Sushmi-pal Invoice-System (up to commit a0a3faa16dee2621b231ae227333f5761607283b) enables authenticated low-privileged users to manipulate the ID parameter on the /profile endpoint to access or modify profile records belonging to other users - a classic horizontal privilege escalation pattern. The CVSS 4.0 score is 2.1 (Low), reflecting constrained integrity-only impact with no confidentiality or availability consequence, and a proof-of-concept exploit has been publicly disclosed on GitHub. …
Attack Chain (AI-derived)
Hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI)

| Topic | Assessment |
|---|---|
| Exploitation | Exploitation requires a valid authenticated session with at least low-privilege access to the Invoice-System application, as confirmed by the CVSS 4.0 PR:L modifier - unauthenticated attackers cannot exploit this vulnerability without first obtaining credentials. … |
| Risk Assessment | The CVSS 4.0 base score of 2.1 (Low) is internally consistent with the vector: AV:N (network reachable), AC:L (no special complexity), PR:L (low privilege required), UI:N (no user interaction), with impact limited to VI:L (low integrity on the vulnerable system) and zero confidentiality or availability impact. … |
| Exploit Scenario | An authenticated user with a standard low-privilege account logs into the Invoice-System and intercepts or crafts a request to `/profile?id=<target_id>`, substituting the ID of another user's profile for their own. Because the server performs no ownership check, it returns or modifies the target profile data. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the vendor did not respond to disclosure, and no remediated commit has been identified beyond the affected commit a0a3faa16dee2621b231ae227333f5761607283b. … |
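The flaw described above is the classic insecure-direct-object-reference shape: the server selects a record by the client-supplied `id` and never asks whether the session's user may see or change it. The following is an added illustration of the missing ownership check and is not code from the Invoice-System project (whose implementation language and handler names are not given on this page); `Profile`, `Session`, `make_store` and the `handle_profile_*` / `update_profile_email_*` functions are hypothetical names, and the profile records are constructed inline.

```python
"""Ownership check for a per-user resource such as /profile?id=<n>.

Added example, not Invoice-System code. Every name here is hypothetical and
the data store is constructed in make_store().
"""
from dataclasses import dataclass
import logging

log = logging.getLogger("authz")


@dataclass
class Profile:
    id: int
    owner_id: int
    email: str


@dataclass
class Session:
    """Server-side session state; user_id comes from login, not the request."""
    user_id: int
    role: str = "user"


def make_store():
    """Constructed sample data: three users, each owning one profile."""
    return {
        1: Profile(id=1, owner_id=1, email="alice@example.invalid"),
        2: Profile(id=2, owner_id=2, email="bob@example.invalid"),
        3: Profile(id=3, owner_id=3, email="carol@example.invalid"),
    }


def handle_profile_vulnerable(session, requested_id, store):
    """The pattern the advisory describes: the record is chosen purely by the
    client-supplied id, so any authenticated user can fetch any profile."""
    profile = store.get(requested_id)
    if profile is None:
        return 404, None
    return 200, profile


def is_authorized(session, profile):
    """Authorization decision made against the session identity only.
    Admin override is an assumption of this example, not of the advisory."""
    return profile.owner_id == session.user_id or session.role == "admin"


def handle_profile_fixed(session, requested_id, store):
    """Hardened read path: look up, then verify ownership before returning."""
    profile = store.get(requested_id)
    if profile is None:
        return 404, None
    if not is_authorized(session, profile):
        # Denied attempts are logged so that id-walking from one account
        # shows up in monitoring as a burst of authz failures.
        log.warning("authz denied: user=%s profile=%s", session.user_id, requested_id)
        return 403, None
    return 200, profile


def update_profile_email_fixed(session, requested_id, new_email, store):
    """Hardened write path: the same check guards modification, which is the
    integrity impact (VI:L) the CVSS vector records."""
    status, profile = handle_profile_fixed(session, requested_id, store)
    if status != 200:
        return status, None
    profile.email = new_email
    return 200, profile


def handle_own_profile(session, store):
    """Alternative design that removes the id parameter entirely: a user's
    own profile is always resolved from the session, so there is nothing
    for the client to tamper with."""
    for profile in store.values():
        if profile.owner_id == session.user_id:
            return 200, profile
    return 404, None
```

Two design points worth noting: the check is made against the record's owner (not by comparing the requested id to the session id, which breaks as soon as profile ids and user ids diverge), and the same helper guards both the read and the write path, since the advisory's integrity impact comes from modification. Where enumeration of valid ids is itself a concern, returning 404 instead of 403 on denial avoids confirming that a record exists.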
External POC / Exploit Code
EUVD-2026-31612
GHSA-65mh-5324-gg43