Petitioner
Monthly
Petitioner version 0.7.3 and earlier contains a missing authorization check that allows authenticated users to modify data or settings they should not have access to due to incorrectly configured access control levels. An attacker with valid credentials can exploit this to perform unauthorized actions without requiring user interaction. A patch is not currently available for this vulnerability.
Petitioner version 0.7.3 and earlier contains a missing authorization check that allows authenticated users to modify data or settings they should not have access to due to incorrectly configured access control levels. An attacker with valid credentials can exploit this to perform unauthorized actions without requiring user interaction. A patch is not currently available for this vulnerability.