Business Logic Errors in Publify
Published: February 09, 2022
SECURITY IDENTIFIERS
- CVE: CVE-2022-0524 (NVD)
- GHSA: GHSA-x3rq-r3cm-5vc4
- Vendor Advisory: https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5
GEM
SEVERITY
CVSS v3.x: 6.5 (Medium)
PATCHED VERSIONS
>= 9.2.7
DESCRIPTION
Publify (formerly known as Typo) prior to version 9.2.7 is vulnerable to business logic errors.