Description

TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a new TestPlan is created, an ID with an incremental value is automatically generated. Using the edit function you can change the tplan_id parameter to another ID. The application does not carry out a check on the user's permissions maing it possible to recover the IDs of all the TestPlans (even the administrative ones) and modify them even with minimal privileges.

Related CPE's

a

testlink

testlink

1.9.20

Vulnerable

References

https://github.com/Alkatraz97/CVEs/blob/main/CVE-2024-46097.md

ExploitThird Party Advisory

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-284

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

8.1 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-09-27T16:15:05.687Z

1 year ago

Last modified

2025-07-10T13:33:02.440Z

8 months ago