Description
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
Remediation
References
Related Vulnerabilities
MongoDb Reachable Assertion Vulnerability (CVE-2021-32037)
WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (6.0.11)
phpList Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6178)
WordPress Plugin PDF & Print by BestWebSoft Cross-Site Scripting (2.0.2)