Описание
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| roundup | removed | package |
Примечания
http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9
EPSS
Процентиль: 33%
0.0013
Низкий
Связанные уязвимости
CVSS3: 4.3
ubuntu
почти 10 лет назад
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
CVSS3: 4.3
nvd
почти 10 лет назад
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
CVSS3: 4.3
github
больше 3 лет назад
Roundup sensitive data disclosure vulnerability
EPSS
Процентиль: 33%
0.0013
Низкий