Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules plugin, allowing an attacker to bypass authentication by guessing a sequential ID, allowing them to take over the another user's streams.
                
            Metrics
Affected Vendors & Products
References
        History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: talos
Published: 2022-08-22T18:26:26.065Z
Updated: 2025-04-15T18:50:44.932Z
Reserved: 2022-06-09T00:00:00.000Z
Link: CVE-2022-32768
 Vulnrichment
                        Vulnrichment
                    No data.
 NVD
                        NVD
                    Status : Modified
Published: 2022-08-22T19:15:10.347
Modified: 2024-11-21T07:06:55.320
Link: CVE-2022-32768
 Redhat
                        Redhat
                    No data.