CVE-2023-2703
7.5 HIGHExposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retri...
Published: 2023-05-23 · Last updated: 2024-11-21
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-359, CWE-668
Affected products
| Vendor | Product |
|---|---|
| finexmedia | competition_management_system |
Description
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.This issue affects Competition Management System: before 23.07.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2023-2702 — Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, ... (8.8 HIGH)
Same CWE
- CVE-2026-53826 — OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace ... (4.3 MEDIUM)
- CVE-2026-47141 — vm2 is an open source vm/sandbox for Node.js
- CVE-2025-30459 — A privacy issue was addressed by removing the vulnerable code (5.5 MEDIUM)
- CVE-2026-48096 — OpenFGA is an authorization/permission engine built for developers (5.0 MEDIUM)
- CVE-2026-26237 — A missing authorization vulnerability has been reported to affect QuMagie (7.5 HIGH)