NodeBB 3.6.7 is vulnerable to Incorrect Access Control, e.g., a low-privileged attacker can access the restricted tabs for the Admin group via isadmin:true.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Nodebb |
Nodebb |
3.6.7 (including) |
3.6.7 (including) |
References