CVE-2023-44397 Information

Description

CloudExplorer Lite is an open source lightweight cloud management platform. Prior to version 1.4.1 the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/ which can cause a permission bypass. Version 1.4.1 contains a patch for this issue.

Reference

https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-fqxr-7g94-vrfj