Elated Listing
Monthly
Elated Listing through version 1.4 contains an authorization bypass that allows authenticated users to modify data they should not have access to due to improperly configured access controls. An attacker with valid credentials can exploit this missing authorization check to perform unauthorized modifications, though they cannot access sensitive information or disrupt system availability. No patch is currently available for this medium-severity vulnerability.
Elated Listing through version 1.4 contains an authorization bypass that allows authenticated users to modify data they should not have access to due to improperly configured access controls. An attacker with valid credentials can exploit this missing authorization check to perform unauthorized modifications, though they cannot access sensitive information or disrupt system availability. No patch is currently available for this medium-severity vulnerability.