CVE-2024-46607 | Thecosy IceCMS up to 3.4.7 UserController.java loginAdmin username/password access control

CVE-2024-46607 | Thecosy IceCMS up to 3.4.7 UserController.java loginAdmin username/password access control

A vulnerability was found in Thecosy IceCMS up to 3.4.7. It has been rated as critical. This issue affects the function loginAdmin of the file UserController.java. The manipulation of the argument username/password leads to improper access controls. The identification of this vulnerability is CVE-2024-46607. Access to the local network is required for this attack. There is no exploit available.