CVE-2024-28735 Information

Description

An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker to escalate privileges via a crafted script to the change password function.

Reference

http://financials.com http://unit4.com https://packetstormsecurity.com/files/177620/Financials-By-Coda-Authorization-Bypass.html