CVE Vulnerabilities

CVE-2022-31478

Published: Jun 21, 2022 | Modified: Nov 21, 2024
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function.

Affected Software

Name Vendor Start Version End Version
Usertakeover Sr.solutions * 4.0.1 (excluding)

References