Incorrect Provision of Specified Functionality vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can register user accounts without being authenticated from the route "/account/Register/" and in the parameters "UserName<RANDOMUSER>&Password<PASSWORD>&ConfirmPassword<PASSWORD-REPEAT>".
Publication date: Mon, 01 Jul 2024 13:15:00 +0000