CVE-2021-42748

Medium

In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API.

mitre·CWE-425·Published 2022-01-07

CVSS

5.3

EPSS

0.01

KEV

No

Exploits

0

cve.orgen

118 chars

In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API.

NVDen

118 chars

In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API.

NVDes

154 chars

En Beaver Builder versiones hasta 2.5.0.3, los atacantes pueden omitir el mecanismo de protección de los controles de visibilidad por medio de la API REST

CVSS metrics across sources

2

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N