CVE-2024-11216

Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: before 3.1.5.

CVSS

No CVSS.

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-25-0052

Configurations

No configuration.

History

19 Aug 2025, 15:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.6~~	v2 : unknown v3 : unknown
CWE	CWE-639 CWE-359
Summary	Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: through 05.03.2025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: before 3.1.5.

05 Mar 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-05 13:15

Updated : 2025-08-19 15:15

NVD link : CVE-2024-11216

Mitre link : CVE-2024-11216

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-11216

Attach tags to `CVE-2024-11216`