CVE-2022-27960

Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information.

Link	Resource
https://gitee.com/oufu/ofcms/issues/I4Z8SS	Exploit Issue Tracking

Configuration 1

cpe:2.3:a:ofcms_project:ofcms:1.1.4:*:*:*:*:*:*:*

---

Published : 2022-04-10 09:15

Updated : 2022-04-15 03:16

---

NVD link : CVE-2022-27960

Mitre link : CVE-2022-27960

No products.

CWE-276

Incorrect Default Permissions