Launchpad.net

CVE 2022-40036

An issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.

See the CVE page on Mitre.org for more details.

References