mirror of
https://github.com/0xMarcio/cve.git
synced 2026-04-21 09:56:14 +02:00
876 B
876 B
CVE-2017-8446
Description
The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to sensitive data.
POC
Reference
Github
No PoCs found on GitHub currently.