CVE-2023-40362

Published: Jan 12, 2024

Modified: Jun 20, 2025

PUBLISHED

Description

An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.classaction.org/news/centralsquare-hit-with-class-action-over-2017-2018-click2gov-data-breach

https://github.com/ally-petitt/CVE-2023-40362

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-40362

Description

Affected Products

References