This repository was archived by the owner on May 7, 2024. It is now read-only.
This repository was archived by the owner on May 7, 2024. It is now read-only.
CVE-2023-39792 #830
Description
I found an access control vulnerability in add new service section. Non-admin user can add new services without any permission.
I explained the details in the link below
https://docs.google.com/document/d/1UYEz1Kymr0_twJA0iwpEqacpLT2LuT8s7Bt3Ib9EJto/edit?usp=sharing