CVE-2023-46906 Information

Description

juzaweb <= 3.4 is vulnerable to Incorrect Access Control resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated.

Reference

https://github.com/juzaweb/cms https://www.sumor.top/index.php/archives/880/