CVE-2024-48176

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/11/2024
Last modified:
06/11/2024

Description

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend.

References to Advisories, Solutions, and Tools