A vulnerability classified as critical was found in lenve...
Moderate severity
Unreviewed
Published
Apr 8, 2025
to the GitHub Advisory Database
•
Updated Apr 8, 2025
Description
Published by the National Vulnerability Database
Apr 8, 2025
Published to the GitHub Advisory Database
Apr 8, 2025
Last updated
Apr 8, 2025
A vulnerability classified as critical was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function configure of the file blogserver/src/main/java/org/sang/config/WebSecurityConfig.java. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References