CVE: CVE-2022-1601

Name: User Access Manager (user-access-manager)

Version: 2.2.16

Date: 2022-04-10 17:56:32

Advisory: 

Type: IP Spoofing

Exploit: 


Set HTTP_X_REAL_IP which is used in checkUserGroupAccess() to use an IP from the allowlist.