← Back to CVE List
CVE-2024-46609
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt