exploitDog

GHSA-4jcj-f5hc-phm8

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.

Ссылки

EPSS

Процентиль: 53%

0.00302

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2021-41596

CVSS3: 5.3

nvd

больше 4 лет назад

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.

EPSS

Процентиль: 53%

0.00302

Низкий

CVE ID

Дефекты

CWE-22