Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
BizReview fails to check user access levels, allowing unauthorized access
CVE-2026-39606
Summary
A bug in BizReview means that users with incorrect access settings can access areas they shouldn't. This could lead to unauthorized changes or data access. Upgrade to the latest version of BizReview to fix this issue.
Original title
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5...
Original description
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13.
Vulnerability type
CWE-862
Missing Authorization
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026