exploitDog

GHSA-56mw-g4x8-4wwm

Опубликовано: 25 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition.

Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition.

Ссылки

EPSS

Процентиль: 75%

0.00883

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2022-21142

CVSS3: 9.8

nvd

почти 4 года назад

Authentication bypass vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74, Ver.2.9.x series versions prior to Ver.2.9.39, Ver.2.10.x series versions prior to Ver.2.10.43, and Ver.2.11.x series versions prior to Ver.2.11.41 allows a remote unauthenticated attacker to bypass authentication under the specific condition.

EPSS

Процентиль: 75%

0.00883

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-287