exploitDog

GHSA-29h6-3fpg-r7jh

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.

Ссылки

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2020-19154

CVSS3: 6.5

nvd

больше 4 лет назад

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.

EPSS

Процентиль: 33%

0.00128

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-863