exploitDog

GHSA-23gr-x4f6-vrp6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint.

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint.

Ссылки

EPSS

Процентиль: 41%

0.00192

Низкий

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2021-27495

CVSS3: 7.1

nvd

около 4 лет назад

Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint.

EPSS

Процентиль: 41%

0.00192

Низкий

CVE ID

Дефекты

CWE-522