CVE-2026-5781
- EPSS 0.23%
- Veröffentlicht 28.04.2026 11:44:26
- Zuletzt bearbeitet 28.05.2026 13:57:24
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipu...
CVE-2026-5780
- EPSS 0.2%
- Veröffentlicht 28.04.2026 11:43:08
- Zuletzt bearbeitet 05.05.2026 14:22:38
An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered u...
CVE-2026-5779
- EPSS 0.25%
- Veröffentlicht 28.04.2026 11:41:35
- Zuletzt bearbeitet 05.05.2026 14:20:48
An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful expl...