| शीर्षक | ZBlog v1.7.4.3430 authorization flaw |
|---|
| विवरण | Z-BlogPHP contains a post-auth authorization flaw that allows low-privilege commenters to approve their own pending comments when comment moderation is enabled. Because the backend moderation logic incorrectly treats the comment author as an authorized actor, a commenter can bypass the intended review process and make their own comment publicly visible without administrator approval.
|
|---|
| स्रोत | ⚠️ https://vulnplus-note.wetolink.com/share/31wtzNoJbxKQ |
|---|
| उपयोगकर्ता | vulnplusbot (UID 96250) |
|---|
| सबमिशन | 22/04/2026 11:53 AM (1 महीना पहले) |
|---|
| संयम | 16/05/2026 02:48 PM (24 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 364334 [Z-BlogPHP 1.7.4.3430 Commend Approval c_system_event.php CheckComment अधिकार वृद्धि] |
|---|
| अंक | 19 |
|---|