Finex Media CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Finex Media CVE published 2023-05-23

CVE-2023-2703

CVE-2023-2703 is a high-severity information exposure issue in Finex Media Competition Management System. According to the CVE record, a remote actor can retrieve embedded sensitive data and collect data provided by users, affecting versions before 23.07. Because the issue is network-reachable and requires no privileges or user interaction per the published CVSS vector, defenders should treat exposed inst [truncated]

HIGH Finex Media CVE published 2023-05-23

CVE-2023-2702

CVE-2023-2702 describes an authorization bypass in Finex Media Competition Management System before 23.07. The issue is reported as a user-controlled key flaw that can enable authentication abuse and authentication bypass. NVD rates the issue 8.8 HIGH with network reachability and high potential impact if abused.