exploitDog

GHSA-3cp9-5473-gp87

Опубликовано: 21 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.

Ссылки

EPSS

Процентиль: 85%

0.02575

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2023-49032

CVSS3: 9.8

nvd

около 2 лет назад

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.

EPSS

Процентиль: 85%

0.02575

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94