CVE-2023-33517 probably should not meet the requirement for "sufficient evidence" of a vulnerability. Check the vulnerability determination rules section.
Description:
"carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System)."
CVE-2023-33517 probably should not meet the requirement for "sufficient evidence" of a vulnerability. Check the vulnerability determination rules section.
Description: "carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System)."
References: https://gist.github.com/wushigudan/288ab32566615d8897c1da7ce7204838
Contents of that gist:
[CVE ID] CVE-2023-33517 [PRODUCT] carRental v1.0 [IVERSION] v1.0 [PROBLEM TYPE] Incorrect Access Control [DESCRIPTION] Arbitrary File Read on Back-end System
(This may be the affected Product: https://github.com/yeqifu/carRental)