CVE-2023-45899 Information

Description

An issue in the component SuperUserSetuserModuleFrontController:init() of idnovate superuser before v2.4.2 allows attackers to bypass authentication via a crafted HTTP call.

Reference

https://security.friendsofpresta.org/modules/2023/10/26/superuser.html