CNNVD-202601-3010 Information

CNNVD ID

CNNVD-202601-3010

Related CVE

CVE-2026-23843

• CNNVD Published: 2026-01-19

Description (Chinese)

Teklif Yönetim Sistemi是sibercii6-crypto个人开发者的一个管理跟踪客户报价的软件。 Teklif Yönetim Sistemi存在安全漏洞，该漏洞源于报价查看功能中缺少授权检查，可能导致经过身份验证的用户访问其他用户的报价。

Description (English)

Teklif Yönetim Sistemi is a software for managing the tracking of client offers by the sibercii6-crypto personal developer. Teklif Yönetim Sistemi had a security loophole, which stemmed from the lack of authorization to check in the quotation viewing function, which could lead to users with authentication to access offers from other users.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/sibercii6-crypto/teklifolustur_app/commit/dd082a134a225b8dcd401b6224eead4fb183ea1c https://github.com/sibercii6-crypto/teklifolustur_app/security/advisories/GHSA-6h9r-mmg3-cg7m https://access.redhat.com/security/cve/cve-2026-23843

Patch

https://github.com/sibercii6-crypto/teklifolustur_app/commit/dd082a134a225b8dcd401b6224eead4fb183ea1c